Dark Web Honeypot Shows How Quickly Leaked Passwords Attract Hackers

Exterminator

A simple experiment carried out by cloud security provider Bitglass has shown how quickly a compromised account with a leaked password can attract hackers.

Bitglass' experiment revolved around a fake identity created for a fictitious bank employee. Researchers created a fake banking portal, a dummy Google Drive account, and added booby-trapped files that were monitored through the Bitglass service.

Once researchers created the fake service, they leaked it on the Dark Web as phished credentials for a Google Drive account.

Hackers prefer Tor to hide their location, go figure!

Within a day after posting the data online, Bitglass detected three logins on the Google Drive account, and another five on the fake banking portal. After two days, hackers had already downloaded files, and within a month, Bitglass recorded more than 1,400 login attempts from 30 different countries, with many hackers returning many times over the course of multiple days.

The hackers also tried to use the leaked credentials for the victim's other accounts, showing exactly why password reuse is such a dangerous habit to have.

As you'd imagine, most of the traffic came from Tor IPs. 68% of the hackers used the service to anonymize their IP address, and the ones that didn't used a VPN instead.

There were a few "curious" hackers that logged in from real IPs, and most came from Austria, Holland, the Philippines, Turkey, and the US.

A small number of hackers tried to download sensitive files

The experiment, dubbed Project Cumulus, also showed that once inside the Google Drive account, some attackers didn't stay idle, and attempted to download sensitive files.

Bitglass says that 12% of the hackers that managed to log in attempted to download files, and some even managed to open encrypted documents.

This was the second time that Bitglass carried out this study, after doing the same thing back in April 2015. The company looked over the earlier experiment's data once again and was surprised to find that, although hackers had initially avoided downloading and accessing data from the first experiment, eight months later over 200 people had accessed those particular booby-trapped files.

The Bitglass Where's Your Data? report is available for download. At only six pages, it's a very interesting quick read.