A group of Russian hackers reportedly holds the sensitive data of 1.2 billion accounts, affecting more than 400,000 sites around the world. Many of the affected sites are still vulnerable.
The world of computer security is in turmoil: a group of Russian hackers is officially in possession of 1.2 billion credentials of web users, including username, password and email address. The discovery was made by Hold Security, a highly rated American company in the industry, known to most for discovering the hack that hit Adobe last year.
But this time the numbers are truly frightening, and they dwarf every similar action of the past: it is as if the Russian group had tried to hit every site on the face of the earth. An estimated 420,000 websites are affected, ranging from large companies to small online shops.
For now, Hold Security has not made the names of the victims known, partly because of NDAs (non-disclosure agreements) and partly because most of the sites are still vulnerable. The company will try to contact most of the sites and then publish the list at a conference, to allow everyone to protect themselves and prevent further attacks. According to the latest news, a team of experts commissioned by the New York Times examined Hold Security's data and considered it absolutely authentic: the big heist really did happen.
The criminal organization appears to operate from a small town in central Russia, between Kazakhstan and Mongolia. It consists of no more than fifteen young men around 20 years of age and operates in every respect like a small company. At present there are no known links with the Russian government, which would also be confirmed by the fact that the targets of the criminal action were sites all over the world and not just American ones. It seems that the "packets" of credentials have not yet been used or sold to other organizations, but of course the risk exists.
Again according to Hold Security, the logic of the operation was very ingenious. First, a large-scale infection (by unknown means) was spread via a botnet, which allowed the hackers to assess the vulnerability of sites on a large scale. In practice, the bot (present on the PC of the unsuspecting victim) checked, for each site the user visited, whether that site was vulnerable to the technique used by the hackers, known as SQL injection. If the check succeeded, the hackers would return later to extract the contents of the database. And little by little, the stolen identities grew to 1.2 billion.