Morning message on May 5 Beijing time, Hold Security Network security company founder and chief information security officer, yalikesi·huoerdeng (Alex Holden), told Reuters, in Russia on the black market, there are millions of stolen e-mail messages and website user name and password are privately traded.
Holden said he found 272.3 million stolen accounts is Russia selling on the black market, including Russia's most popular e-mail service Mail.ru account for most users, there is also a small portion of Google, Yahoo and Microsoft e-mail user accounts. Since the United States big banks and retailers in the Internet hacker attacks two years ago since the incident came to light, which is the largest one of the user accounts and passwords stolen.
Prior to this, Holden had helped found the world's largest data theft incident which affected Adobe Systems, JP Morgan Chase and the target of tens of millions of users, and subsequently suffered a cyber crimes of harassment. OtterBox N4
Hold Security can reveal the latest incidents of data theft, because the company found a young Russia hacker in an online forum boasts a large collection of stolen user credentials and prepared to sale these information. Finally, the hacker posted 1.17 billion record.
Holden said after removing duplicate information, he found that the leaked information included nearly 57 million Mail.ru account, compared to Mail.ru said it at the end of last year, the number of monthly active users for 64 million people so far. In addition, the leaked information also includes tens of millions of from Google, Microsoft and Yahoo that three of the world's largest email service provider account, there are hundreds of thousands of from Germany and China, email service provider's account. OtterBox Note 4
It is difficult to understand that, who Russia hackers sell a full set of information asking price is only 50 Russia rubles (about US $ 1), Hold Security researchers agreed to support his remarks in hacking Forum and decided to give up this data set, Holden said. He said, Hold Security company policy is to refuse to pay for stolen data.
This scale of stolen data can be used to further illegal access to user information, or be used in phishing attacks, causing the financial information on the entire Internet to be stolen or loss of reputation risk exponentially. Hackers know that users are willing to use a common password, rather than change your password frequently and makes it more complicated. Because of this, hackers can steal the password from the account in an attempt to break the other accounts of the same user.
A Microsoft spokesman expressed, users online credential theft is an unfortunate fact. The spokesman said: "Microsoft has taken security measures to detect accounts being stolen, and asks the user to provide additional information to verify identity, so as to help it regain sole right to login. "Yahoo and Google have yet to comment.
Holden said the stolen account number of Yahoo's e-mail service to 40 million, at 272 million in a separate ID theft accounted for 15% Microsoft services stolen account number was 33 million, accounted for stolen account numbers of 12%;Gmail services for close to 24 million, accounted for 9%.
[Article correction]
Collection is the collection of 1542
Tags: Internet