AFP Photo/Shah Marai (think IN pictures @1WORLD Community)
SitiWanMahani - Lebih dari 2 juta kata laluan untuk laman rangkaian sosial popular seperti Facebook dan Twitter, serta akaun Google dan Yahoo telah dicuri dan disiarkan dalam talian, dengan rangkaian sosial Rusia Vkontakte dan Odnoklassniki juga mema-parkan pada hitlist itu.
Firma keselamatan Internet Trustwave terdedah simpanan data yang luas, berkata dalam blog yang botnet yang bertanggungjawab - digelar Pony - telah dituai maklumat daripada beribu-ribu komputer terdedah pada skala GLOBAL. Maklumat ini termasuk butiran login, alamat e-mel dan kata laluan.
Keseluruhannya, 1580000 laman web kelayakan login yang dicuri, bersama 320,000 e-mel dan 41,000 akaun FTP.
“Kebanyakan dikompromi web log-in milik laman web dan perkhidmatan popular seperti Facebook, Google, Yahoo, Twitter, LinkedIn, dan lain-lain,” kata blogpost itu, sambil menambah bahawa kehadiran kedua-dua vk.com dan odnokklassniki.ru, “mungkin menun-jukkan bahawa sebahagian yang baik daripada mangsa terdiri adalah penceramah Rusia.”
Two million passwords for Facebook, Twitter
and Google posted online
Over 2 million passwords for popular social networking sites such as Facebook and Twitter, as well as Google and Yahoo accounts have been stolen and posted online, with Russian social networks VKontakte and Odnoklassniki also featuring on the hitlist.
Internet security firm Trustwave exposed the extensive data hoard, saying in its blog that the responsible botnet – dubbed Pony – had harvested information from thousands of vulnerable computers on a global scale. The information included login credentials, email addresses and passwords.
In total, 1,580,000 website login credentials were stolen, alongside 320,000 email and 41,000 FTP accounts.
“Most of the compromised web log-ins belong to popular websites and services such as Facebook, Google, Yahoo, Twitter, LinkedIn, etc.,” stated the blogpost, adding that the presence of both vk.com and odnokklassniki.ru, “probably indicates that a decent portion of the victims comprised were Russian speakers.”
Imej Ihsan spiderlabs Trustwave (Image courtesy of Trustwave spiderlabs - think IN pictures @1WORLD Community)
Facebook telah menyatakan bahawa tidak ada perlanggaran keselamatan sistem mereka telah berlaku, meletakkan kesalahan ke atas pengguna tertentu yang gagal untuk memastikan keselamatan mereka sendiri. "Nampaknya komputer orang mungkin telah diserang oleh penggodam menggunakan malware untuk mengikis maklumat terus dari pelayar web mereka, " kata seorang jurucakap Facebook memberitahu BBC. Mereka pergi untuk menyerlahkan bagaimana untuk memintas insiden itu dengan Facebook, contohnya dengan mengaktifkan kelulusan Masuk dan pemberitahuan.
Twitter juga bertindak balas kepada berita itu, memberitahu HuffPo bahawa mereka " serta-merta menetapkan semula kata laluan akaun terjejas. "
Menganalisis akaun yang baru bocor, pasu-kan Trustwave itu mendapati bahawa 10 kata laluan yang paling biasa digunakan terdiri daripada 2.4 % peratus daripada keseluruhan itu, yang mendedahkan baha-wa orang-orang cenderung untuk memilih-nya kemudahan akses ke atas keselamatan untuk akaun mereka.
Kata laluan yang paling kerap dicuri adalah mengejutkan yang satu paling lemah, dengan yang paling popular ialah “123456.” Yang ke-2 adalah “123456789,” kemudian “1234” dan “kata laluan.”
Penyelidik keselamatan, Graham Cluley, memberitahu BBC bahawa “30 - 40 % peratus daripada orang menggunakan kata laluan yang sama di laman web yang berbeza . . . sepatutnya sesuatu yang mana orang2 (sesiapapun) tidak patut melakukannya.”
Facebook has stated that no security breach of their system had taken place, putting the blame on particular users who failed to ensure their own security. “It appears that people's computers may have been attacked by hackers using malware to scrape information directly from their web browsers,” a Facebook spokesperson told the BBC. They went on to highlight how to circumvent such incidents with Facebook, e.g. by activating Login approvals and notifications.
Twitter also responded to the news, telling HuffPo that they “immediately reset the passwords of the affected accounts.”
Analyzing the newly leaked accounts, the Trustwave team found that the top ten most commonly used passwords comprise 2.4 percent of the total count, exposing that people tend to choose ease of access over security for their accounts.
The most frequently stolen passwords are unsurprisingly the weakest one, with the most popular being “123456.” In second was “123456789,” then “1234” and then “password.”
Security researcher, Graham Cluley, told the BBC that “30-40% of people use the same passwords on different websites . . . that's certainly something people shouldn't do.”
READ MORE: http://on.rt.com/c3zswd
No comments:
Post a Comment