Cybersecurity firm Hold Security spotted a cybercriminal's advertisement for a data set of 1.17 billion user records on a Russian underground forum.
Security analysts began negotiating with the hacker over the data set in order to verify the authenticity of the records.
The Price of $1
For a mere sum of 50 roubles, or less than a buck (0.76 to be exact), the Russian hacker would trade information he couldn’t care less about.
What’s more, he generously handed over the complete dump to Hold researchers once they agreed to post favorable comments about him on members-only hacker forums, since it is the firm’s policy to refuse to pay for any stolen data.
Alex Holden, Hold Security founder and chief information security officer, confirmed that the credentials came from some of the most popular providers.
However, a large share of the logins turned out to be duplicate credentials, and only 272 million were actually unique.
It’s been reported that 57 million belonged to Mail.ru, 40 million came from Yahoo accounts, 33 million from Microsoft Hotmail accounts, and 24 million accounted for Gmail accounts. Out of these 272 million records analyzed by the firm, just about 42.5 million had not previously been seen and traded in any data breach on the dark web market.
Still, your own credentials could be among them, whether the count is a billion or whittled down to a few million.
No Reason to Freak Out?
As one would expect, the story was hyped and quickly picked up by the media. Some outlets were more alarmist than others, with headlines implying that popular email service providers had suffered a major security breach and raising a cybersecurity alert over millions of email accounts and passwords stolen from Google, Yahoo, and Gmail. Though the 1.17 billion records advertised turned out to amount to only around 272 million, all this data could lead to successive hacks and identity theft if it proves to be legit.
Amidst all the alarming possibilities, there’s no reason to panic, primarily because there’s no evidence that the credentials were stolen from email providers.
For instance, the initial check performed by Mail.ru, Russia’s leading email service, did not match active username and password combinations against its existing email accounts.
Analysis of the alleged data breach concluded that 99.982% were invalid, the email service’s spokesperson told Reuters.
Microsoft, for its part, has stated that it has security measures in place to detect account compromise and that the company acts to protect customers.
Holden stated that almost none of the credentials were encrypted.
In addition, the fact that the data set was being sold for an incredibly low price of under $1 increases the likelihood that the records were simply culled from older data breaches and accumulated until they reached a billion.
Lists like these are often put together by wannabe hackers to sell to other hackers or spammers for immediate gain.
Security expert Troy Hunt, creator of the world-renowned free data breach repository, says he thinks this is a non-event that’s getting more headlines than it should, or than the actual data warrants.
Credentials are stolen and trafficked almost routinely, on a daily basis, and this has become the norm. It may be a huge amount, but that is all it is: big numbers tend to attract headlines, and not every set of circulated data is a potential data breach.
The Collector’s sale item is apparently just what it appears to be: a collection of different data breaches. The Russian hacker was clearly trying to inflate his offer to make some easy money, literally an easy buck in this case.