According to reports, hackers have stolen nearly 2 million user passwords for Facebook, Google, Yahoo, and Twitter due to key-logging software installed on computers all over the world. A cyber security firm called Trustwave has stated that there is an untold number of computers that have this software installed on it.
The malicious software virus has been logging keystrokes and log-in credentials for the most popular sites on the internet for over a month. Those passwords have then been sent to a server that is controlled and monitored by hackers. November 24th, Trustwave researchers actually tracked the servers to locations in the Netherlands that had more than 93,000 compromised websites on them.
Some of the included accounts included the following:
- 318,000 Facebook (FB, Fortune 500) accounts
- 70,000 Gmail, Google+ and YouTube accounts
- 60,000 Yahoo (YHOO, Fortune 500) accounts
- 22,000 Twitter (TWTR) accounts
- 9,000 Odnoklassniki accounts (a Russian social network)
- 8,000 ADP (ADP, Fortune 500) accounts (ADP says it counted 2,400)
- 8,000 LinkedIn (LNKD)accounts
These companies posted their findings on Tuesday.
“We don’t have evidence they logged into these accounts, but they probably did,” said John Miller, a security research manager at Trustwave.
Twitter officials stated that they have notified users that were affected and have since reset passwords for those users. Google declined comment and Yahoo didn’t provide immediate response.
Among the social and email sites, another 40,000 log in credentials for FTP have been stolen as well. If you are interested in seeing if your computer is infected by browsing applications and installed software, no dice. It runs in the background and is hidden. Your best bet is to download a fresh patch to your anti-virus software and update your Adobe and Java plug-ins.