Tech

Password collections on the web: where does the data come from?






They contain billions of logins, probably yours too. You can find them in the underground forums of the Internet. But where do the passwords in these data collections come from?

Password collections with millions, sometimes billions of log-in data are circulating in underground forums on the Internet. The criminals get the data mainly from these three sources:

Password databases on servers:

Most data is captured by attackers if they can hack a company’s server and steal the database with all customer information. In this way, you receive millions of log-in data in one fell swoop, often with additional information about the users.

Phishing attacks:

The security specialist Acronis states in its annual report for 2020 that this year 1.5 million new phishing websites have been created on the Internet every month. If you think phishing sites are easy to spot, take a look at the two websites to the right: the top one is a phishing site.

By the way:

An analysis by Kaspersky shows that phishing scammers not only use e-mails but also messenger apps. According to this, 94,559 malicious links in connection with messengers were discovered worldwide between December 2020 and May 2021. That corresponds to more than 500 incidents per day.

Data theft from PCs and smartphones:

A third large source of data are the users’ PCs and smartphones when they have caught a Trojan horse of the “Password Stealer” type. These pests specialize in stealing passwords, cookies and other log-in data from a user’s PC.

Recently, a 1.2 TB database appeared on underground forums containing data from 3.25 million Windows PCs. A Trojan horse stole it. The data includes two billion cookies, of which 22 percent were still valid when the database was discovered and enabled logging in to Aliexpress, LinkedIn or Steam, for example. In addition to cookies, there are 1.5 million Facebook passwords and 19.4 million login data from the Google Chrome password manager. Specialists from Nordlocker were able to determine this.

One website is real and the other is a phishing website. Hardly anyone recognizes the minimal differences. The lower one is real.

Enlarge

One website is real and the other is a phishing website. Hardly anyone recognizes the minimal differences. The lower one is real.

Reading tip:

Find out whether your password is on the Internet

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button