Compromised user accounts posted on Pastebin

Compromised user accounts posted on Pastebin

Proof is a key component to hacking and some hackers have been taking to Pastebin to share their spoils.

A recent study by Information Security Company High-Tech Bridge discovered over 300,000 compromised accounts shared on Pastebin over a 12-month period.

Pastebin, a website where you can share text, is used mostly by programmers to share code snippets; it has also become a place where hackers can distribute their work.

In the study, High-Tech Bridge found along with the 300,000 username, passwords, some credit card numbers, addresses and telephone numbers tied to some accounts.

password security threat category

An interesting finding was that almost all the passwords didn’t consist of the familiar weak passwords like “qwerty” or “password”.

According to High-Tech Bridge, most of the stolen passwords were still pretty simple. Glad to see passwords are evolving for some.

Of the data, 40.9 percent of the accounts came from email systems with Social Networks accounting for 13.1 percent. Not surprising, the most compromised email accounts were the top three free web-based email services; Gmail, Hotmail, and Yahoo.

The number of compromised accounts seems large, but it represents a small portion of all accounts hacked in the past 12 months. Much of the selling and trading takes place underground.

“It’s impossible to make a precise estimate of how many user accounts were really compromised,” said High-Tech Bridge CEO Ilia Kolochenko. “But I think we can speak about several hundreds of millions at least. People finally need to understand that the Internet is very hostile place, while online service providers need to finally start taking network security seriously.”

Findings like this are another reminder to use strong passwords, change them often, and use different passwords for each account—preferably a completely different username too.

ABOUT THE AUTHOR

Armando Orozco

Senior Malware Intelligence Analyst

Faux geek who likes to keep it bland. Experienced in behavioral, PC, and mobile technologies.