Hacks and Incidents

Found: hacker server storing two million pilfered paswords

Found: hacker server storing two million pilfered paswords: Researchers have unearthed a server storing more than two million pilfered login credentials for all kinds of user accounts, including those on Facebook, Yahoo, Google, Twitter, and a handful of other websites.

More than 1.5 million of the user names and passwords are for website accounts, including 318,121 for Facebook, 59,549 for Yahoo, 54,437 for Google, and 21,708 for Twitter, according to a blog post published Tuesday by researchers from security firm Trustwave’s Spider Labs. The cache also included credentials for e-mail addresses, FTP accounts, remote desktops, and secure shells.

More than 1.8 million of the passwords, or 97 percent of the total, appeared to come from computers located in the Netherlands, followed by Thailand, Germany, Singapore, and Indonesia. US accounts comprised 0.1 percent, with 1,943 compromised passwords. In all, the data may have come from as many as 102 countries.

“A quick glance at the geo-location statistics above would make one think that this attack was a targeted attack on the Netherlands,” Spider Labs researchers Daniel Chechik and Anat (Fox) Davidi wrote.

Standard