Security researchers have discovered a server which is storing over 2 million passwords of popular social media websites like Facebook, Twitter, LinkedIN, Google and Yahoo.
Trustwave’s SpiderLabs researchers said that the stolen passwords were discovered while carrying out an investigation of servers in Netherlands which are used by cyber criminals for controlling a huge network of compromised zombie computers which is called the ‘Pony Botnet’. The Pony Botnet controller is a program which spreads malware over the internet.
This hacking report follows a similar incidence of the Adobe hack in October this year which resulted in passwords of 38 million users being stolen and hacking of Vodafone Germany where 2 million customers were affected.
The security agency said that there are over 90000 websites and internet service providers whose client login details have been found on the server and it has reported only few of the major ones currently. There over 100 countries from where the details may have been stolen by the botnet.
There are over 318,121 Facebook username and passwords, 59549 Yahoo user details, 21708 for Twitter and about 8490 LinkedIN user details which are found on the server. Most of the affected users were from the Netherlands which accounted for 97% of the total which was followed by Thailand, Germany and United stated was only at 0.10% of the affected users.
However, it must be noted that the details were not stolen from these companies directly but from the users itself who logged into their account and whose machines were affected by the botnet.
Facebook and Twitter representatives said the passwords of the affected users have been reset. “Facebook takes people’s information security extremely seriously and we work hard to protect it,” said a Facebook representative. While other companies did not respond.
For users who still use easy to hack passwords like 12345 or passwords should eight away set a strong password and enable two factor authentications where available to avoid chances of getting your account compromised.
About the author:
Eric is a technical writer and frequently covers topics related to Web hosting service, cloud computing and Internet technologies.