Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.


Hackers stole 2 million passwords

06 December 2013, 08:51

Washington - The discovery of some two million stolen online passwords this week prompted fresh warnings from security researchers to strengthen protection from hackers.

US-based security firm Trustwave said it located the stolen credentials on a server in the Netherlands, affecting accounts from Facebook, Google, Yahoo and other major firms.

Trustwave said in a blog post that many of the compromised accounts had weak passwords - sometimes with fewer than four characters.

Only five percent were rated "excellent" with eight or more characters. And many were easy to guess such as "1234" or "123456."

"Unfortunately, there were more terrible passwords than excellent ones, more bad passwords than good, and the majority, as usual, is somewhere in between in the medium category," the blog post said.

The compromised accounts were linked to a "botnet" called Pony, which infected computers with malware and allowed hackers to remotely access the devices.

Victimized computers were found in some 100 countries, the statement said. "The attack is fairly global and ... at least some of the victims are scattered all over the world."

Independent security researcher Graham Cluley said the incident was a large-scale version of a common type of attack.

Multiple re-use

"Innocent users' computers have become infected with malware, which grabbed login details as they were entered by users," he said in a blog post.

"This data was then transmitted to the cyber criminals - either so they could access the accounts themselves or [more likely] sell on the details to other online criminals."

Serge Malenkovich of the security firm Kaspersky said cyber criminals can also steal credentials from people who check their e-mails or Facebook accounts from a public computer.

"This could be quite unpleasant by itself, but the problem will become even worse if you have a habit of re-using the same password for multiple online services," Malenkovich said.

"As password theft happens more often, this habit has become even more dangerous, especially if you consider that your daily routine now includes persistent access to financial transactions - from classical online banking to fund transfers using Gmail attachments. That's why a seemingly innocent Twitter password theft might eventually lead to the loss of real money."



Read News24’s Comments Policy

Comment on this story
Comments have been closed for this article.

Read more from our Users

Submitted by
George Vodongo
Peter Kenneth will not run for Pr...

He clarified that he will not run for Presidency in 2017 as he supports Uhuru Kenyatta’s re-election bid. Read more...

Submitted by
Ben Wangui
Exams should not have political g...

He also said that school properties must not ‘carry any political portraits’. Read more...

Submitted by
S Mbinya
Matatu crew drugs female passenge...

Hours after the story was circulated on social media Sunday, the crew was traced at Dagoretti and arrested. Read more...

Submitted by
S Mbinya
How to get rid of cellulite at ho...

Proper diets and a healthy lifestyle are among the most effective natural remedies for cellulite. Read more...

Submitted by
George Vodongo
Peter Kenneth is not a good leade...

A local activist has slammed the former Presidential candidate Peter Kenneth for only appearing during elections but going underground when the country has problems.  Read more...

Submitted by
Ben Wangui
Javelin champion Julius Yego invo...

He is undergoing treatment at the Medihill hospital in Eldoret. Read more...