Har du hørt om hr. Grå? Godt, ikke, at man. Mr. Grå, vi taler om, er en russisk hacker, der opdages at have deltaget i tyveri af 1.2 milliard passwords fra 420.000 hjemmesider. According to both researchers and journalists, the hack is one of the biggest data harvests in the history of cybercrime.
Who Is Mr. Grå?
The hacker is said to be part of the infamous hackers group known as CyberVor. I 2014, CyberVor made the headlines when they succeeded in stealing the 1.2 milliard legitimationsoplysninger.
The FBI has now connected a single individual – yours truly Mr. Grey – to the malevolent operation. The American bureau successfully traced back Mr. Grey via open source data such as email addresses shared on Russian underground forums used for cybercrime. The hacker is told to have used those forums to sell the stolen data that had been gathered from social media accounts (Facebook, Twitter, VKontakte). The American officials haven’t commented on their findings regarding Mr. Grå.
Hold Security Revealed the Biggest Credentials Theft
According to Hold Security, the attackers have used bots to find 420.000 hjemmesider, all found out to be prone to SQL injection attacks. Those pages became known to the attack’s authors, who then harvested user credentials from the vulnerable servers.
Investigation indicates that the initial number of stolen private data (brugernavne og adgangskoder) was above 4.9 milliard, but when duplicates were removed, 1.2 billion remained. Også, 542 million of the email addresses were defined as unique.