Hacker sells database with 32 million Twitter accounts

According to The Hacker News, an unknown hacker sells accounts of more than 32 million Twitter users - the price of the archive is 10 Bitcoins (more than $ 5800 at the current rate).

Information about the archive of compromised microblogging service accounts was first published in the blog of the LeakedSource project - this site collects information about the data of various services “leaked” into the network. Representatives of the project in a blog stated that a hacker under the nickname Tessa88 gave them a copy of the archive - last week he published a database that includes account information for 1 million VKontakte users (the company later said the database was old and the users were notified ).
')


A man with the same pseudonym “ merged ” the base on over 400 million MySpace accounts at the end of May.

The Twitter user credentials database includes usernames, email addresses (and sometimes additional email), as well as passwords stored in unencrypted form — for more than 32 million accounts.

Twitter representatives categorically rejected the possibility of hacking, saying that “these credentials were not obtained as a result of a leak from Twitter”, but the company's systems “were not hacked”.

Representatives of LeakedSource are convinced that the data leakage is the result of the work of malicious software.

"Tens of millions of people" picked up "the virus, which intercepted the entered credentials of social networks, including Twitter, in browsers like Chrome and Firefox and sent them to hackers."

According to experts from Positive Technologies, to kidnap the credentials of such a large number of social network users, attackers needed to create a huge botnet - with the stated number of modest accounts exceeding 32 million, the malicious software had to be somehow installed on tens of millions of computers (up to 100 million cars).

Creation of such a botnet is unlikely - theoretically this is possible, for example, by using the exploitation of low-level and mass vulnerabilities for a long time. However, in this case, it is more likely to use the script with cross-checking of accounts previously “leaked” from other services.

The editors of The Hacker News recalls in this regard the situation with the hacking of the Twitter account of Facebook’s founder Mark Zuckerberg. Hackers managed to get his credentials by hacking into another LinkedIn social network - they managed to get a hashed version of Zuckerberg's password and hack it. The same password was used in Twitter and Pinterest accounts of the CEO of Facebook.

Therefore, there is a possibility that the database sold by the hacker includes accounts and passwords previously stolen during other hacks (LinkedIn, MySpace, Tumblr ), and there was no direct hacking of Twitter.

Nevertheless, while the origin of the leaked credentials is unknown, experts at Positive Technologies recommend that all Twitter users change their password - and if it has been used on other sites, they will also change their passwords.