Recent news of massive data breaches suffered by IT giants LinkedIn, MySpace, Tumblr, and VK.com shocked the security industry. Millions of login credentials are available for sale in the principal black markets, experts believe that the hacker behind the leaks is a Russian guy that now is claiming to be in possession of 32 Million Twitter Passwords and offered them in the criminal underground.
The alleged Russian hacker is attempting to sell 32 Million Twitter Passwords for 10 Bitcoins (over $5,800). Also in this case, I invite you to give a look to LeakedSource specialized in data breaches that indexes leaked login credentials from the stolen dumps.
“Twitter credentials are being traded in the tens of millions on the dark web. LeakedSource has obtained and added a copy of this data to its ever-growing searchable repository of leaked data. This data set was provided to us by a user who goes by the alias “Tessa88@exploit.im”, and has given us permission to name them in this blog.” reported LeakedSource.
We have investigated reports of Twitter usernames/passwords on the dark web, and we’re confident that our systems have not been breached.
— Michael Coates ஃ (@_mwc) 9 giugno 2016
According to LeakedSource, the data set contains 32,888,300 records, its experts believe that the data was obtained through a malware-based attack.
“We have very strong evidence that Twitter was not hacked, rather the consumer was. These credentials however are real and valid. Out of 15 users we asked, all 15 verified their passwords.” continues LeakedSource. “The explanation for this is that tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter.”
Below the motivations provided by LeakedSource:
The unique certainly is that hackers are selling millions Twitter account credentials, also yours, don’t waste time and change your password on Twitter and also on all the other social media where you used same credentials.
Let’s close with a look to the top passwords used by Twitter.com, Opsss … once again ‘123456’ is the most popular.