Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Behind Biggest-Ever Password Theft Begin Attacks

Posted by Soulskill on from the 123456-letmein-iloveyou-trustno1 dept.

An anonymous reader writes Back in August, groups of Russian hackers assembled the biggest list of compromised login credentials ever seen: 1.2 billion accounts. Now, domain registrar Namecheap reports the hackers have begun using the list to try and access accounts. "Overnight, our intrusion detection systems alerted us to a much higher than normal load against our login systems. ... The group behind this is using the stored usernames and passwords to simulate a web browser login through fake browser software. This software simulates the actual login process a user would use if they are using Firefox/Safari/Chrome to access their Namecheap account. The hackers are going through their username/password list and trying each and every one to try and get into Namecheap user accounts." They report that most login attempts are failing, but some are succeeding. Now is a good time to check that none of your important accounts share passwords.

3 of 107 comments (clear)

  1. Re:Notified and ignored? by Enry · · Score: 5, Informative

    From the namecheap link:

    I must reiterate this is not a security breach at Namecheap, nor a hack against us. The hackers are using usernames and passwords being used have been obtained from other sources. These have not been obtained from Namecheap. But these usernames and passwords that the hackers now have are being used to try and login to Namecheap accounts.

  2. Re:Two-Factor Authentication by Technician · · Score: 5, Informative

    If you have a Gmail account, look for the Last Account Activity at the bottom right. Use the Details link to see your recent history. Set your preferences to alert you to unusual account activity. More accounts should notify you of unusual logins and login attempts.

    --
    The truth shall set you free!
  3. Re:Notified and ignored? by Charliemopps · · Score: 5, Interesting

    If so, and they ignored it, oh well, it's your own damn fault.

    I hear this argument a lot. But the fact of the matter is, if you're neighbor is stupid enough to let their kids play with matches... yes, that's their fault, but that doesn't mean your house isn't going to burn down right along with theirs. A breach of this scale could have repercussions for the internet as a whole. I run into this attitude at work all the time... lets say we're building a website and we put a button on the screen over to the right, but if they have the window too small they can't see that button. Someone invariably says something to the effect of "Well, you'd have to be an idiot to have your window shrunk down to that size! It's their own fault for being stupid!" at which point I pipe up and say "We want stupid peoples money to don't we?"

    You can't just ignore stupid people on the net. That's about 99.99% of people, and they're paying for the rest of us to actually use it properly.