Online security is never an easy issue to fathom, but as over two million people with social media accounts have discovered, it’s something they may have to learn a little more about. A group of hackers recently attacked a wide variety of social media sites and email account providers by stealing passwords, as well as a number of other login credentials of similar importance.
Hackers behind the Pony botnet, which has already attacked various websites in the recent past, have published the stolen passwords online in order to sell them on to other criminals, who in turn may seek to profit from them. The victims were spread across the globe, although more than 96% of those affected were based in the Netherlands, having Dutch IP addresses.
Another problem with social media security breaches is that once a hacker has accessed an account, it can reveal a great deal of information about the account holder. For example, some social media sites have a “check in” feature, where users can let their friends know where they are located. If a hacker has access to this information, however, he or she would know when the account holder is away from home. This puts the account holder’s personal property at risk, since the hacker can either break into the person’s home while no one is there or sell the information to someone else.
Many of the sites embroiled in the Pony attack are among the biggest names in social media. They include Facebook, Yahoo, Twitter and LinkedIn, with the first two announcing that some of their users had indeed been infected by the botnet. What seems more startling is that social sites with regional reach, such as Russia-based vk.com, were also attacked, reflecting the scale of this incident.
The botnet managed to wreak havoc by installing malware on computers worldwide, adding them to the botnet. The malware then logged keystrokes, capturing the passwords which were later published online. Incidents like this are rare, but when they happen, those subjected to cybercrime wonder what the cause is. Looking at the list of passwords, it seems pretty obvious.
Lessons not learned
Many of the passwords stolen were very simple in nature, containing either a set of numbers which were very easy to memorize or, shockingly, the word ‘password’. Some passwords were also too short, thereby making it a breeze for keylogger technology to capture them and change them, leaving the affected account holder unable to log in.
Improving password strength seems like an ideal solution, but that may not be enough. Andrew Mason, a security expert with RandomStorm, suggested that it will require a couple of major steps in order to keep social media accounts more secure:
“This just goes to show about the importance of endpoint security combined with a strong password. Even the strongest password is worthless if the endpoint it is being used on is either untrusted or trusted but insecure allowing a botnet such as Pony to be run on it and the subsequent password key logger”, he said.
“Once the key logger is installed it is very easy to harvest usernames and passwords for whatever the user types in during the course of their normal day. By ensuring proper endpoint security and at a minimum patching and up-to-date AV deployment these types of attacks can be totally eliminated.
“The second area of concern from the article is the use of weak passwords. Again, without a strong password it makes the job of a hacker so much easier being able to use an automated tool to crack many passwords per second”, he concluded.