Hacker Selling Over 1 Million Decrypted Gmail and Yahoo Passwords On Dark Web

The Hacker News

Hacker News / The Hacker News 317 Views 0

Hardly a day goes with out headlines about any vital knowledge breach. In previous yr, billions of accounts from in style websites and providers, together with LinkedIn, Tumblr, MySpace, Last.FM, Yahoo!, VK.com have been uncovered on the Web.

Now, based on the current information, login credentials and different private knowledge linked to more than one Million Yahoo and Gmail accounts are reportedly being provided on the market on the dark web market.

The web accounts listed on the market on the Darkish Net allegedly include usernames, emails, and plaintext passwords. The accounts will not be from a single knowledge breach; as an alternative, a number of main cyber-attacks believed to have been behind it.

The hacker going by the web deal with 'SunTzu583' has listed quite a few cracked e mail packages on a collection of darkish web sites, HackRead reported.

This is the Full Record of Accounts and their Costs:

  • 100,000 Yahoo accounts acquired from 2012 Last.FM data breach, for zero.0084 Bitcoins ($10.76).
  • One other 145,000 Yahoo accounts acquired from two separate knowledge breaches – the 2013 Adobe knowledge breach and the 2008 MySpace breach – for zero.0102 Bitcoins (USD 13.75).
  • 500,000 Gmail accounts from the 2008 MySpace hack, the 2013 Tumblr breach, and the 2014 Bitcoin Security Forum breach for zero.0219 Bitcoins ($28.24).
  • One other 450,000 Gmail accounts for zero.0201 BTC (USD 25.76), which got here from numerous different knowledge breaches in Dropbox, Adobe, and others that occurred between 2010 and 2016.

Final.FM knowledge breach from 2012 uncovered 43 million consumer accounts that have been publicly launched in September final yr.

Adobe breach from October 2013 uncovered over 153 million accounts containing inner IDs, usernames, emails, encrypted passwords and a password trace in plain textual content.

MySpace knowledge breach from 2008 uncovered 360 million consumer accounts, containing usernames, emails and their decrypted (plaintext) passwords, which have been leaked on the darkish net in 2016.

Google’s Gmail e mail service is understood to be probably the most safe e mail providers, however no firm can safe their accounts from hackers on account of a 3rd celebration knowledge breach.

Tens of millions of Gmail accounts, during which usernames, emails, and plaintext passwords have been uncovered, have been stolen in a number of knowledge breaches in Bitcoin Security Forum, Tumblr, Last.fm, 000webhost, Adobe, Dropbox, Flash Flash Revolution, LookBook and Xbox360 ISO, occurred between 2008 and 2016.

The info listed on the market by SunTzu583 has not been independently verified by The Hacker Information, however has reportedly been checked by matching it to the info on quite a lot of knowledge breach notification platforms, together with Hacked-DB and HaveIBeenPwned.

This is What All You Can Do:

For sure, you must instantly change virtually all of your account passwords no less than as soon as.

Additionally allow two-factor authentication for all of your on-line accounts instantly.

And as soon as once more, a robust suggestion: Do not Reuse Passwords.

Additionally, you're really helpful to vary your password each few months, which limits how lengthy a stolen password is beneficial to a hacker.

Since nobody can keep in mind and recreate robust passwords for each single on-line account repeatedly, the perfect follow is to make use of a good password manager. It can generate, retailer and alter repeatedly robust, distinctive passwords for all of your accounts.