Quoted on SecurityWeek.com over the 32,8 M Twitter accounts leaked

Source: http://www.securityweek.com/32-million-twitter-credentials-emerge-dark-web

Author: Ionut Arghire, Security Week


The cybercriminal behind the claimed Twitter leak is the same hacker who was previously attempting to sell stolen data from Myspace, Tumblr and VK user accounts, namely Tessa88@exploit.im. The Twitter credentials have already made it online on paid search engine for hacked data LeakedSource, which says it received a total of 32,888,300 records, each containing user’s email address, username, possibly a second email, and a password.


What is yet unclear is how old the supposedly leaked data is, since LeakedSource doesn’t provide specific details on that, although they do suggest that some credentials might be only a couple of years old. Furthermore, IT Security expertSorin Mustaca tells SecurityWeek that the manner in which these credentials were stolen isn’t that clear either.

“Interesting enough, Leakedsource writes that they “very strong evidence that Twitter was not hacked”, rather the users got infected with some malware which stole credentials directly from the browsers of any account, not only Twitter’s,” Mustaca says. “However, there is no clear evidence presented that this is indeed the case. Their explanation for malware stealing credentials from browser is not entirely valid.”

Although malware that targets browsers to steal user data is not unheard of, Mustaca explains that browsers store credentials encrypted, and that a master password is required to decrypt them. “Sometimes this password is the logged on user’s password, sometimes it is independent of the logged on user. But there is always a password,” he says.


passwords passwords2

According to Mustaca, the question that we need to ask ourselves is how the hacker ended up obtaining exactly Twitter accounts and the password in plain text. “And where are the other accounts?,” Mustaca also asks. If malware was indeed used to harvest these credentials, the attacker should have ended up with a whole lot of other user data as well, pertaining to other online services.

© Copyright Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since over 20 years in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is CEO and owner of Endpoint Cybersecurity GmbH focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .
%d bloggers like this: