Social media and online security haven’t exactly made great bedfellows of late. Anxiety from users over where their data is being shared, who is seeing it and how secure their accounts actually are has heightened in recent weeks. The latest news about the theft of over two million passwords for Facebook, Twitter and LinkedIn accounts worldwide hasn’t exactly helped matters.
Cybercriminals behind the infamous Pony botnet, which has already compromised the security of thousands of computers worldwide, managed to steal a multitude of passwords and other login credentials for social sites the world over and post them online. Although the reach of this attack has been global, over 96% of the IP addresses affected were registered in the Netherlands.
Although the sites most affected by the botnet were Facebook, Twitter, Yahoo and LinkedIn, other sites with more local and regional followings were compromised. Users of vk.com, one of the most popular social networks in Russia, found that their passwords had been taken and changed by those behind Pony. The attack saw a consistent number of passwords taken on a daily basis.
The botnet worked by infecting unprotected devices with malware that came in the form of keylogger software. This enabled the botnet to take passwords as they were being typed in, meaning that passwords were changed to help make logging in impossible for those affected. There was a common theme for most of the passwords stolen – simplicity.
Pushing the wrong buttons
Some prime examples of passwords stolen and published by the team of hackers behind Pony included ‘password’, ‘1234’, ‘123456’ and ‘1’. All of those make it easier for keylogging software to do its job and send out information to the botnet operators, stressing the importance of making passwords a little more complicated. But is that sufficient to guard against infection?
According to Andrew Mason, security expert for RandomStorm, the use of an endpoint security system should be the best possible way to help block out any threat of password theft.
“This just goes to show about the importance of endpoint security combined with a strong password. Even the strongest password is worthless if the endpoint it is being used on is either untrusted or trusted but insecure, allowing a botnet such as Pony to be run on it and the subsequent password key logger”, he said.
“Once the key logger is installed it is very easy to harvest usernames and passwords for whatever the user types in during the course of their normal day. By ensuring proper endpoint security and at a minimum patching and up to date AV deployment these types of attacks can be totally eliminated.
“The second area of concern from the article is the use of weak passwords. Again, without a strong password it makes the job of a hacker so much easier being able to use an automated tool to crack many passwords per second”, added Mr Mason.