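Russian hackers steal information of 1.2 billion users worldwide
A Russian hacker gang has stolen 1.2 billion usernames and passwords belonging to more than 500 million email addresses, according to Hold Security, a US company specialising in discovering vulnerabilities.
Hold Security described it as "the largest known theft of internet information to date".
It said the stolen information came from more than 420,000 websites, including "leading companies in virtually all industries across the world".
Hold Security did not disclose specific details of the companies affected by the hackers.
"Their targets were not just large companies; instead, they targeted every website their victims visited," Hold Security said in its report.
"Thousands upon thousands of websites were affected, including many leading companies in virtually all industries around the world, as well as numerous small and even personal websites."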
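The New York Times, which first reported the findings, said that "a security expert not affiliated with Hold Security analysed the database of stolen credentials and confirmed it was authentic".
"Another computer crime expert who had reviewed the data, but was not allowed to discuss the matter publicly, said some big companies were aware that their records were among the stolen information," the paper said.
The paper added: "Hold Security would not name the victim companies, citing nondisclosure agreements and a reluctance to name companies whose websites remain vulnerable."
Multi-pronged attack?
Hold Security, which previously reported on the hacker attacks against Adobe and Target, said it took more than seven months of research to uncover the details of the latest attack.
The company claimed the gang initially obtained databases from hackers on the black market.
"These databases were used to attack e-mail providers, social media and other websites to send spam to victims and install malicious plug-ins on other legitimate systems," Hold Security said.
The hackers also obtained access data from botnets - computers infected with malware that cause other computers to become infected.
Hold Security said the botnets helped the hacking group, which it calls CyberVor, identify more than 400,000 websites that remain vulnerable to cyber attacks.
"The CyberVors used these vulnerabilities to steal data from these websites' databases," the company said.
"As far as we know, they mostly focused on stealing information, ending up with the largest cache of personal information, totalling more than 1.2 billion stolen e-mails and passwords."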
Russia gang hacks 1.2 billion usernames and passwords
The group is alleged to have stolen credentials from hundreds of thousands of websites globally
A Russian group has hacked 1.2 billion usernames and passwords belonging to more than 500 million email addresses, according to Hold Security - a US firm specialising in discovering breaches.
Hold Security described the hack as the "largest data breach known to date".
It claimed the stolen information came from more than 420,000 websites, including "many leaders in virtually all industries across the world".
Hold Security did not give details of the companies affected by the hack.
"They didn't just target large companies; instead, they targeted every site that their victims visited," Hold Security said in its report.
"With hundreds of thousands of sites affected, the list includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites."
The New York Times, which first reported the findings, said that on its request "a security expert not affiliated with Hold Security analysed the database of stolen credentials and confirmed it was authentic".
"Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information," the paper said.
The paper added: "Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable."
Multi-pronged attack?
Hold Security, which has previously reported about hacks on Adobe and Target, said it took more than seven months of research to discover the extent of the latest hack.
The firm claimed the gang initially acquired databases of stolen credentials from fellow hackers on the black market.
"These databases were used to attack e-mail providers, social media, and other websites to distribute spam to victims and install malicious redirections on legitimate systems," Hold Security said.
The hackers also got access to data from botnets - a network of computers infected with malware to trigger online fraud.
Hold Security said the botnets helped the hacking group - which it dubbed CyberVor - identify more than 400,000 websites that were vulnerable to cyber attacks.
"The CyberVors used these vulnerabilities to steal data from these sites' databases," the firm said.
"To the best of our knowledge, they mostly focused on stealing credentials, eventually ending up with the largest cache of stolen personal information, totalling over 1.2 billion unique sets of e-mails and passwords."