Hackers hacked over 3 million iTunes accounts?

On Tuesday, there were reports of leaked 3,887,882 iTunes accounts on the Internet . Unknown people posted the database with accounts and passwords on Pastebin.com and a number of other sites. Currently, these entries have already been deleted, however, some statistics are available to us, which are given below.

The following passwords are most often found in the published file:



Most of the passwords here are fairly well-known, they top such “ratings” year after year. In studyPositive Technologies, dedicated to corporate network security in 2013, the password “123456” was the most popular even among system administrators: it was used by internal network administrators in every third system. Unfortunately, in spite of all such leaks, simple dictionary passwords remain the most widespread vulnerability even where the existence of a corporate security policy is assumed.

On the other hand, the list of the most popular passwords from hacked iTunes accounts has unexpected options that raise questions - for example, EBEANS. The rating of mail domains most often found in the database also seems strange. Are there really so many iTunes fans who use the old Hotmail service?



And here are the ten most common mail domains from the .ru zone. There are some oddities here too:



At the moment, it is not known whether this leak is the result of exploiting some new vulnerability, or whether it is made up of many databases collected at different times using various attacks, including phishing, trojans and brute force. How "live" are the accounts in this database is also not yet known.

Recall that in early September, millions of databases of hacked accounts were published for Yandex.Mail, Mail.ru and Gmail. At the same time, some experts noted that the “leaks” were most likely collected from many different bases (including very old ones), and they were laid out all at once to achieve a certain resonance in public opinion. For example, to promote two-factor identification or USB keys. It’s possible that the story of hacking iTunes is of the same sort.

UPD: According to the results of data validation by a number of mail servers, the next “compilation of old developments” was presented, and it was updated several months ago. At the same time, there are actually working accounts in the list.