Photo: Mario De Fina / Globallookpress.com
A huge database of email addresses and passwords from them found in the public domain. It is reported by Australian security researcher Troy hunt on his blog.
According to the expert, he found the text files containing the user data contained nearly 42 million accounts in an unencrypted form. The documents were uploaded to free hosting anonymous kayo.moe.
Hunt noted that they discovered bundles address and password are typically used in attacks called credential stuffing — hackers maintain lists of stolen user data from the same sources and then use them to crack accounts at other various online services. This method works in the case if the victims use the same password everywhere.
The specialist stated that he could not discover how all this data was stolen. He also suggested the users to check on the website haveibeenpwned.com if passwords are ever compromised by hackers. In addition, hunt was advised to use different passwords for each online service.
Previously, experts in the field of cyber security said that the most dangerous botnets Mirai and Gafgyt updated tools for attacks on large corporate networks. The creators have added new codes to exploit old vulnerabilities.
Video, photo All from Russia.