Oceanside CA- Hackers have posted over two million stolen passwords for sites such as Facebook , Google, Yahoo and other web services, and though it is not known how old the details are, security experts warn that even out-dated information poses a risk, reported BBC News.
Facebook had the most stolen credentials, at 318,121, followed by Yahoo at 59,549 and Google at 54,437. Other companies whose log-in credentials showed up on the command-and-control server included LinkedIn and two Russian social networking services, VKontakte and Odnoklassniki. The botnet also stole thousands of FTP, remote desktop and secure shell account details.
The details had probably been uploaded by a criminal gang, security experts said. It is suspected the data was taken from computers infected with malicious software that logged key presses. It is not known how old the details are – but the experts warned that even out-dated information posed a risk. “We don’t know how many of these details still work,” said security researcher Graham Cluley. “But we know that 30-40% of people use the same passwords on different websites.”That’s certainly something people shouldn’t do.” Analysis of the passwords by Trustwave showed a familiar picture – the most popular password, found in the database over 15,000 times, was “123456”