October 20, 2014 at 14:31Facebook has launched a system for collecting and verifying data of compromised accounts
The social network Facebook, after a series of major data leaks from user accounts Gmail, Yandex and other resources, decided to launch a new system for collecting and checking such data. The principle of operation of the system is simple - on the Web are searched for login / password pairs for accounts that are posted in the public domain (for example, on Pastebin). Then the correctness of the data is checked, and if the pair is suitable, the owner of the compromised account receives a warning about the need to change the password.
At the same time, any detected login / password pairs are checked, regardless of whether the data belongs to any service. In other words, if an attacker posted such data for Gmail, Yahoo, Outlook Mail - Facebook will check whether the username and password match any Facebook account. The authors of the system explain this by the fact that users very often use the same usernames and passwords for many services, so you need to check everything.
The process of finding and collecting such information is fully automated. In addition, encryption is used in the collection and verification of information. And verification is carried out in a manner similar to regular Facebook user authentication. According to the authors of this system, no data is transmitted in plain format.
On my blogFacebook provides such details of the technical verification process:
1. Upon detection of a set of stolen accesses, this data is transmitted to the parser program, which brings the login / password pairs into a unified form;
2. After the data is parsed, the automatic system breaks each pair on the Facebook base, and all the data being checked is hashed using a special algorithm, plus a unique salt identifier is added;
3. If the username / password pair does not pass, then no further action is taken;
4. If the pair is suitable, the user of such an account is notified of the need to change the password the next time they log into the account.