The IT Nerd

You might recall that I posted a story on a 773 million record breach that seemed to come out of nowhere. Well, Brian Krebs dug in and discovered that this breach is not new and didn’t come out of the blue:

KrebsOnSecurity sought perspective on this discovery from Alex Holden, CTO of Hold Security, a company that specializes in trawling underground spaces for intelligence about malicious actors and their stolen data dumps. Holden said the data appears to have first been posted to underground forums in October 2018, and that it is just a subset of a much larger tranche of passwords being peddled by a shadowy seller online.

There’s more. Krebs found the hacker behind this who goes by the name “Sanixer ” who said this:

Sanixer said Collection#1 consists of data pulled from a huge number of hacked sites, and was not exactly his “freshest” offering. Rather, he sort of steered me away from that archive, suggesting that — unlike most of his other wares — Collection #1 was at least 2-3 years old. His other password packages, which he said are not all pictured in the above screen shot and total more than 4 terabytes in size, are less than a year old, Sanixer explained.

Collection one is the breach that “appeared” the other day. And it’s 2-3 years old which implies that miscreants could have been exploiting that data for about that long. And he has more of these. Lovely.

The rest of Kreb’s article details why these sorts of collections of usernames and passwords are valuable, as well as what you can do to protect yourself. It’s a very interesting read and something that you should devote some time to. Seriously.

This entry was posted on January 18, 2019 at 12:49 pm and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.