Cyber criminals did not wait until 2021 began in its real form before continuing to develop their business.
Already almost a month now, intrusions and acts of compromise have already begun to multiply. At this rate, 2021 is likely to be much more prolix in terms of cyber-harm than 2020 in the first half of the year.
This article will also interest you: Hotmail VS GMail
There are already several ransomware attacks, sabotage of structures, and of course data leaks. Speaking of data leakage, we talked about the huge dataleak, highlighted last week. A huge database known on the name of COM has fruited, containing nearly 3 billion login credentials and passwords. Identifiers used on famous platforms such as Gmail, LinkedIn, Hotmail, Netflix…
All the information contained in this leak has apparently already been shared on several forums dedicated to cybercrime. In other words COM is a compilation of several data from different leaks. This is not a new data leak according to CyberNews experts. This database was designed to facilitate the use of all data that may have been stolen during several other leaks. For this more than 15.2 billion accounts were hacked.
The CyberNews report states that the database contains 2.5 billion unique email addresses. As mentioned above, cyber criminals have managed to obtain all this information by hacking accounts on LinkedIn at Netflix again. Together these are quite popular messaging services, namely that of Google GMail and that of Microsoft Hotmail, both accounts for loan of 2 billion users. In the COM database, experts noticed that there were email addresses that leaked and during a LinkedIn hack that dates back to 2012. That's nearly 117 million ID data.
In its report, CyberNews notes that " COMB may well be the largest collection of stolen login data ever shared online. By comparison, COMB contains more than twice the amount of unique email pairs and passwords than the 2017 compilation in which 1.4 billion credentials were posted online. In addition, as well as the compilation of violations for 2017, the leaked COMB database also contains a script called "count_total.sh. However, unlike the 2017 leak, COMB also includes "query.sh" scripts for e-mail querying and "sorter.sh" for sorting the data it contains. At this time, it remains unclear which leaked databases have been included in COMB. However, examples seen by CyberNews show that the emails and passwords contained in the leak come from domains around the world. Many users reuse their passwords and usernames on multiple online accounts. ».
In other words, the consequences of such a database could be quite dramatic on consumers and organizations that could be directly affected. "This data can be used to launch identity card jams and other cyberattacks. Another problem is that cybercriminals can use the identity credentials of a user's social media accounts to pivot to other larger accounts such as their email or even their cloud storage. CyberNews explains.
Fortunately at this time this type of incident has not yet been reported. But to prevent cybercriminals from taking advantage of all this data in free flow, CyberNews experts recommend that Internet users opt for authentication and multiple factors, and use a password manager to better secure their account. They have also made available one that can verify if your data has been forced to leak.
In addition, the report published by CyberNews, there is a good chance that the COM database is directly related to the computer hacking of the water treatment plant in the city of Oldsmar, Florida. Indeed, the thesis of a state-sponsored attack has been raised by experts. It may be that the cybercriminal was able to access the system through the system allowing water treatment plant workers to remotely access the management of the plant. "These attackers may have obtained oldsmar IDs from the COMB leak," according to CyberNews.
Now access an unlimited number of passwords: