Researchers find 2m cracked passwords on botnet server

Repository covers credentials for Facebook, Google, Twitter and Yahoo

Tags: Cyber crimeFacebook IncorporationGoogle IncorporatedNetherlandsTrustwave Holdings Inc (www.trustwave.com)Twitter IncorporationYahoo! Incorporated
  • E-Mail
Researchers find 2m cracked passwords on botnet server Cyber experts say the passwords were cracked because they were weak.
By  Stephen McBride Published  December 5, 2013

Cyber security specialists have discovered a repository of around 2m passwords to Web services accounts such as Facebook, Google, Twitter and Yahoo, while investigating a Netherlands-based server, Reuters reported.

According to the cyber researchers from Trustwave's SpiderLabs, the server is a notorious command-and-control hub for botnet known as "Pony". SpiderLabs has since contacted Dutch authorities and requested that the server be taken offline.

More than 90,000 websites had been compromised and were represented among the passwords found. SpiderLabs said it had informed the most affected companies.

The data is said to include (approximate figures): 326,000 Facebook accounts, 60,000 Google accounts, 59,000 Yahoo accounts and 22,000 Twitter accounts. A wide range of countries were represented among the victims, including the United States, Germany, Singapore and Thailand.

The cyber researchers said the passwords were easily cracked because they were weak. Examples of logon credentials discovered in the data store are: "password", "admin", "123" and "1". The most common password was found to be "123456", which was used in nearly 16,000 accounts.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code