- John Mayer steps in to Photoshop Diplo’s Instagram 5 Years Ago
- Venmo is flagging payments that mention ‘Persian’ 5 Years Ago
- YouTube’s Slo Mo Guys inspired a key moment in ‘Solo’ 5 Years Ago
- Trump unveils ‘workshopped’ nickname for Bernie Sanders Today 8:16 AM
- This Kickstarter needs $4,000 to digitally erase the rat from ‘The Departed’ Today 8:07 AM
- Welcome to Bernie 2020 Twitter, same as Bernie 2016 Twitter Today 7:39 AM
- Bernie Sanders memes resurface after 2020 bid announcement Today 6:27 AM
- How to survive and thrive in Metro Exodus Today 6:00 AM
- How to stream ‘Survivor’ for free Today 5:30 AM
- The simple way to connect Apple TV and HomePod Today 5:00 AM
- How to watch Juventus vs. Atletico Madrid online for free Today 5:00 AM
- Black man films ‘Crosswalk Cathy’ yelling racist slurs at him Tuesday 6:47 PM
- Guerrilla artists turn John Oliver billboard ad into right-wing meme Tuesday 4:20 PM
- Netflix lines up unnecessarily good cast for ‘Green Eggs and Ham’ Tuesday 3:48 PM
- Netflix drops trailer for Mötley Crüe biopic ‘The Dirt’—and the cast is wild Tuesday 3:41 PM
2 million hacked usernames and passwords discovered in a massive online dump
Wanna guess how many passwords were “password”?
A team of Internet security researchers has stumbled upon a massive online cache of more than 2 million hacked email addresses, usernames, and passwords.
SpiderLabs, a division of online firm Trustwave that bills itself as an “elite team of ethical hackers, investigators and researchers,” made the announcement Tuesday.
The thing that many of the hacked accounts had in common? Outrageously easy passwords. Tens of thousands of them had passwords like “12345,” “1,” “admin,” and the ever-popular “password.” As you’d expect, the fewer characters and complexity a password had, the more likely it was to end up on that list.
The passwords had been harvested by an enormous botnet referred to as a “Pony,” which the BBC referred to as “probably run by a criminal gang.” As this Pony’s operators did a good job of covering their tracks, SpiderLabs couldn’t confirm where the attackers were based, though the dump was written in Russian.
Illustration by Fernando Alfonso III
A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.