2 million accounts compromised – what happened…

ByCraig Haley

Stories are true that millions of social media accounts have been compromised after username and password combinations were posted online.

Passwords for services such as Facebook, Twitter and Yahoo were all published online, and were discovered by researchers working for security firm Trustwave.

But how were the passwords compromised?

The answer, in this case, appears to be some kind of keylogging botnet.

A botnet is a group of computers, all of which, unbeknownst to the user, are infected with the same malware, and are under the control of the same scammer. Any computer can potentially be a part of the botnet if it has been infected with malware, without the owner of the computer realising.

Keylogging malware is malware that records every keystroke you make on your computer, including passwords. The malware works out what information is important and sends it to the scammer.

In this case, the botnet of infected computers accumulated millions of usernames and passwords, and the scammers posted a large bulk of it on the Internet at the same time.

Users with up-to-date, quality security software installed are most likely safe since their security software would have most probably detected the malware before it sent any sensitive information away. However if you haven’t got such software installed, then changing your passwords for important online accounts may be a good idea.

The intrusion highlights two frustrating security issues that experts have been warning about for years.

One, judging by the amount of passwords that were stolen, it is clear that many users are not keeping their computers protected with adequate security software or running regular scans with their antivirus, thus allowing keylogging malware to remain undetected and transmit sensitive information.

Two, after analysis of the data posted online, it comes as little surprise that users still use predictable, popular, easy to guess passwords, with “123456” topping the charts once again.

Keep up-to-date with all our latest articles. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)