"Jeremiah Fowler, a veteran security researcher, recently stumbled upon 149,404,754 unique logins and passwords, totaling about 96GB of raw data. There was no encryption... and it didn't even have a password. Sharing his findings with ExpressVPN, Fowler noted, "The publicly exposed database was not password-protected or encrypted." The collection was so large and detailed that it wasn't just a list of names; it included emails, usernames, passwords, and the specific website links needed to log into the accounts."
"Perhaps most alarmingly, the cache also contained credentials linked to .gov domains from multiple countries. While not every government account leads to sensitive systems, their presence raises serious flags. "Exposed government credentials could be potentially used for targeted spear-phishing, impersonation, or as an entry point into government networks," Fowler noted. How the data was likely collected So, where did this mountain of data come from?"
"The evidence points to 'infostealer' malware. This is a type of malicious software that, once installed on a victim's device, silently records every keystroke, including usernames and passwords, and sends it back to a hacker's server. The database's technical setup was classic for this kind of operation. It was designed to automatically index and organize a constant stream of stolen data for easy searching."
A publicly exposed database held 149,404,754 unique logins and passwords, totaling about 96GB of raw data without password protection or encryption. The dataset included emails, usernames, passwords, and direct website login links covering consumer services, cryptocurrency exchanges, dating sites, and .gov domains from multiple countries. Exposed government credentials could enable targeted spear-phishing, impersonation, or entry into government networks. Technical evidence indicates infostealer malware captured keystrokes and transmitted them to a hacker server. The database was indexed for easy searching, and the number of records continued increasing during the removal process as new stolen data arrived.
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]