Hacker Sells Database With 32 Million Twitter Accounts

According to The Hacker News, an unknown hacker sells accounts for more than 32 million Twitter users - the price of the archive is 10 bitcoins (more than $ 5800 at the current rate).

Information about the archive of compromised microblogging service accounts was first published on the LeakedSource project blog - this site collects information about the data of various services that have leaked to the network. Representatives of the project on the blog said that a hacker gave them a copy of the archive under the nickname Tessa88 - last week he published a database that included the credentials of 1 million users of the VKontakte social network (company representatives later said that the database was old and the users were notified )



A person with the same pseudonym “ leaked ” the base to more than 400 million MySpace accounts at the end of May.

The database with Twitter user credentials includes usernames, postal addresses (sometimes an additional email), as well as passwords stored in unencrypted form - for just over 32 million accounts.

Representatives of Twitter categorically rejected the possibility of hacking, saying that "these credentials were not obtained as a result of a leak from Twitter," and the company's systems were "not hacked."

LeakedSource representatives are convinced that the data leak was the result of malicious software.

“Tens of millions of people“ caught ”a virus that intercepted the entered credentials of social networks, including Twitter, in browsers like Chrome and Firefox and sent them to hackers.”

According to Positive Technologies experts, in order to steal the credentials of so many social network users, attackers had to create a huge botnet - with the declared number of compromised accounts in excess of 32 million, the malicious software had to be somehow installed on tens of millions of computers (up to 100 million cars).

Creating such a botnet is unlikely - theoretically it is possible, for example, by exploiting low-level and mass vulnerabilities for a long time. However, in this case, it is more likely to use a scenario with cross-checking accounts that have already "leaked" from other services.

The Hacker News editors recall the hacking situation in this regardTwitter account of Facebook founder Mark Zuckerberg. Hackers managed to get his credentials by hacking another LinkedIn social network - they managed to get a hashed version of Zuckerberg’s password and crack it. The same password was used in Twitter and Pinterest accounts of the Facebook CEO.

Therefore, there is a possibility that the database sold by the hacker includes accounts and passwords stolen earlier during other hacks (LinkedIn, MySpace, Tumblr ), and Twitter did not directly hack.

However, while the origin of the leaked credentials is unknown, Positive Technologies experts recommend that all Twitter users change their password - and if it was used on other sites, then change their passwords.