- 99% of Organizations Report API-Related Security Issues
- Packaged offerings promise to make AI infrastructure deployment easier
- Everything announced at Amazon's Alexa event today: Alexa Plus, new Echo Show UI, and more
- Missing MagSafe on your iPhone 16e? Here's how to easily add it: 2 ways
- Lenovo renews ThinkSystem lineup for AI workloads and more
HaveIBeenPwned Adds 244 Million Passwords Stolen By Infostealers
A popular breach notification site has added over millions of new passwords and email addresses originally harvested from users via infostealer malware.
HaveIBeenPwned (HIBP) founder Troy Hunt said he added 244 million new passwords and 284 million new email accounts to the database, after trawling through 1.5TB of stealer logs shared on Telegram.
The account, which Hunt claimed was a “major distribution channel” for infostealer logs on Telegram, is dubbed “Alien Textbase.” They logs were published to the platform in 744 individual files.
On Febrary 25, HIBP introduced two new APIs which will allow domain owners and website operators to identify customers with compromised email addresses and/or passwords, by querying stealer logs via email and website domain.
“Both these new APIs are orientated towards larger organisations and can return vast volumes of data,” Hunt said.
Although the APIs are a paid service, regular subscribers to HIBP can also check if their accounts have been compromised.
The news comes just days after HIBP added 12 million compromised accounts that were published on BreachForums at the end of January, although Hunt admitted at the time that 93% of this data was already in the HIBP repository.
Infostealers are a growing threat to corporate and consumer security. Earlier this month, Check Point warned that it had recorded a 58% increase in attacks using the malware, and that it detected over 10 million stolen credentials associated with EMEA organizations available for sale on the dark web.
Infostealers are spread via various channels, including phishing messages, drive-by-downloads, malicious ads, and hidden in legitimate-looking or pirated software. Stolen data such as credentials, crypto assets, credit card info and more is then compiled into logs and sold online by ‘vendors’ like Alien Textbase.
Credential theft via this category of malware is particularly dangerous to corporates. The major data breaches associated with Ticketmaster, AT&T and others were caused when hackers managed to access their Snowflake accounts via compromised credentials taken by infostealers.
