1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Russian gang grabs 1.2 billion passwords, firm claims

Discussion in 'Article Discussion' started by Gareth Halfacree, 6 Aug 2014.

  1. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    11,520
    Likes Received:
    1,344
  2. ArcAngeL

    ArcAngeL New Member

    Joined:
    14 Nov 2006
    Posts:
    96
    Likes Received:
    0
    I think I came across this syndicate, had infected a vulnerable windows server that was querying every public ip for vulnerabilities and logging them. They had used a MySQL exploit to high jacked the system account and generated themselves their own local admin and had RDP'd into the server loaded their software and launched their attack from the server, it appeared like it had acted like a worm, compromised the server and used it to spread to more compromised, collecting vulnerable servers in its wake.

    I changed their local password and logged in on their active login connection to see the exploit running. I took all their data and the source ip from where the initial exploit on our server had come from. And send it onto authorities.
     
  3. Umbra

    Umbra New Member

    Joined:
    18 Nov 2013
    Posts:
    636
    Likes Received:
    17
    ^^^ That, unless they can prove it.
     
  4. Corky42

    Corky42 What did walle eat for breakfast?

    Joined:
    30 Oct 2012
    Posts:
    8,944
    Likes Received:
    268
    This sound so much like a scam. If it wasn't that this Hold Security was (from what i read) the same firm that revealed the Adobe and Target breaches i would outright say it is a scam. :confused:
     
    Last edited: 6 Aug 2014
  5. ZeDestructor

    ZeDestructor Member

    Joined:
    24 Feb 2010
    Posts:
    226
    Likes Received:
    4
    It does indeed (that timing is seriously suspicious), but they seem to indeed have the experience to back it (I confirmed the Adobe work when I tracked it down, but got bored and didn't check the Target announce).

    /me primes Keepass' password generator.
     
  6. Corky42

    Corky42 What did walle eat for breakfast?

    Joined:
    30 Oct 2012
    Posts:
    8,944
    Likes Received:
    268
    It seems this has attracted the attention of the FBI.

    FBI probing reported theft of 1.2 billion Internet credentials
    http://www.reuters.com/article/2014/08/19/us-cybercrime-breach-russia-idUSKBN0GJ2AH20140819
     

Share This Page