Pages

Saturday, August 16, 2014

Russian Hackers Pull Off 'World's Biggest' Data Heist


More than 420,000 sites were targeted in the attacks attributed to Russian cyber criminals. 

Russian hackers have pulled off what is possibly the largest cyber security breach in history, stealing 1.2 billion usernames and passwords and more than 500 million email addresses, security experts say. 

More than 420,000 websites, including large, well-known sites as well as smaller companies, were targeted by a cybercrime ring dubbed Cybervor. 

Reports suggest it was unlikely the work of the Russian government. More likely, the criminals stole the information to send spam messages over social networks. 

"Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites," security expert Alex Holden, of Hold Security which uncovered the find, told media on Tuesday. 

In a blog post, Hold Security, who uncovered the find, explained that it had researched the gang for the last seven months before identifying them. 

The Cybervor ring comprises about a dozen men in their 20s, who are based in a central Russian town and who all seem to know each other personally. 

The gang first took possession of databases of stolen credentials from the black market. "These databases were used to attack e-mail providers, social media, and other websites to distribute spam to victims and install malicious redirections on legitimate systems," the blog explained. 

Most of the sites attacked remained vulnerable, though Holden's team has been working to alert those affected.

BBC