More than 26m user passwords stolen from Amazon, Apple, and Facebook

A hacking malware distributed onto 3.25 million computers is said to have led to the harvesting of more than 26 million user credentials related to Amazon, Apple, and Facebook. 

According to research carried out by a Cybersecurity firm named NordLocker, a hacking group devised malware and distributed it onto millions of PCs in 2018. And then started to use that malware to harvest millions of user credentials that accounted for a 1.2 terabyte database.

Security researchers claim that the stolen data includes usernames and passwords from various online platforms such as Twitter, Twitch, Steam, Reddit, Paypal, Roblox, Netflix, Instagram, eBay, and Instagram.

Siphoning of data took place in a simple streamline method- First the malware was distributed to victims through malicious link-filled emails aka the Phishing technique & through malware-laced pirated software available on the web. And took control of the system and enabled the malware to take screenshots of the victim during various browsing periods including track down of credentials while accessing banking-related websites.

NordLocker report says that the malware whose name is yet to be identified was super-active between 2018-2020 and became dormant from February this year.

There is no confirmation from the security firm on whether the hackers behind this malware spread were only interested in companies and users from America or were also interested in those abroad. 

But the company did clarify that it did not purchase any database from the hacker nor did it steal data from the hackers.

Note- Cybersecurity Insiders is advising all online service users to change their passwords once or twice a month and is also urging them not to use the same password twice or on various platforms. At the same time, the password should be crafted as such that it involves alpha-numeric characters with 1 or 2 case-sensitive alphabets involving special characters in between.

Ad
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display