The FBI is going after a Russian hacker who claims to have taken about 1.2 billion unique email and password combinations and who can also grant access to Facebook and Twitter accounts that have been hacked. This was made public in a federal court in Milwaukee.
The FBI’s investigation started when the CISO of Hold Security in Milwaukee warned in August 2014 that he had discovered what appears to be the largest data breach known to date. Hold Security calls the hacking group CyberVor (“vor” is Russian for thief) and said the gang collected a mass of stolen credentials, partly by scanning websites for known flaws, gathering roughly 1.2 billion username and password combinations with more than 500,000 email addresses and 4.5 billion records in total.
After Hold Security released its CyberVor warning, the FBI search warrant notes, the bureau contacted Holden for further details, but Mr Holden would not detail exactly how he had amassed the information.
263 GB of Data Stolen
Holden did end up sharing 263 GB of raw text files with the FBI. The FBI reviewed the text files, which contained, inter alia, username and passphrase credentials, credit card information, Social Security numbers, email addresses and file transfer protocol (FTP) accounts. The FBI states it also found domain names tied to a known spamming outfit, as well as executable files designed to send spam and exploit SQL injection flaws to dump data from Internet-connected databases.
Two of the test email addresses associated with the malicious applications found by the FBI were “email@example.com” and “firstname.lastname@example.org,” states the FBI. Both of the email addresses lead to people engaged in illegal activities, since “test email addresses allow a spammer to send email to the test accounts to verify that the spam is working correctly … and troubleshoot any potential issues with the spamming utilities.”
FBI Goes After Hacker Forum
Hackers and spammers frequently reuse online nicknames or monikers in order to create a consistent online identity. The FBI search warrant states that the bureau’s agents logged into the Russian hacking forum “exploit.in” and found that a user named “mr.grey” had participated in discussions related to malware and spamming. Mr.grey also provided hacked accounts for multiple social networking sites, including Facebook, Twitter and VK (which stands for the Russian site VKontakte).