By John Leyden, 2 Sep 2014
Anecdotal evidence is emerging that the Russian botnet raiders behind the "biggest-ever" password theft have begun attacks against web services using stolen login credentials.
The CyberVor gang is reported to have amassed a vast stockpile of compromised login credentials for "1.2 billion" accounts, Hold Security warned in August. CyberVor appears to have lifted many of these passwords after breaking into 420,000 websites vulnerable to SQL injection attacks, among other techniques.
LA-based domain registrar and hosting firm Namecheap warned on Monday that hackers have begun using the list to try to access its users' accounts.
Namecheap said it had become aware of the ongoing assaults thanks to alerts from its intrusion detection systems of a "much higher than normal load against our login system [using] username and password data gathered from third party sites". Most of the attempts are failing but some appear to be getting through, prompting Namecheap to suspend accounts it fears may have been compromised as well as blocking IP addresses associated with the attack, as explained in a support notice by the hosting firm.
The Register/ full article here/ http://www.theregister.co.uk/2014/09/02/cybervor_linked_hack_detected/
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.