Two million stolen passwords: How to protect yourself



This week Trustwave security
researchers uncovered a criminally
controlled web server that contains
nearly two million stolen account
usernames and passwords for many
popular sites, including Facebook,
Twitter, LinkedIn, Google and Yahoo.
Over the past few days, news outlets
worldwide have reported on the
discovery, and many people,
including our customers, have
questions about the malware, its
impact and how they can protect
themselves.

What we know

Users most likely had their
credentials stolen when they errantly
clicked on a malicious link or
attachment, or unknowingly visited a
malicious website that installed data-
stealing malware, known as “Pony”,
onto their computers. This malware
then delivered their usernames and
passwords to a botnet server. Pony
malware has two methods of stealing
credentials. First, it scans through
stored passwords in a user’s
browsers, email clients and other
software. It also monitors web traffic
to identify when a user is logging
into a website and then attempts to
steal the password.

Malware mitigation tips

Below is some general advice about
protecting yourself against this and
future attacks, which likely will take
on similar characteristics.

Don’t click on suspicious links or
open suspicious attachments: One of
the ways the Pony malware spreads
is through email. If you weren’t
expecting an email that contains a
link or an attachment, don’t click on
or open it. Social engineering scams
often look like the real thing, so it’s a
good idea to also have in place an
email security solution that analyzes
inbound content and filters out links
and attachments to malware.

Keep your computer patched and up
to date: The Pony malware also can
infect users’ machines if they simply
visit a booby-trapped website.
Typically, these “drive-by download”
installations take advantage of a
browser plug-in that is out of date.
Make sure all of your software is
updated to the latest version, and
consider a web security solution that
can evaluate the intent of web pages
and help strip out malware.

Run anti-virus: The Pony malware
also can hit users that are tricked
into installing a bogus product
update. Avoid falling for these ruses,
and ensure you are running updated
anti-virus and intrusion prevention
defenses.

Train your staff: Give your employees
the know-how to protect your data
and network from malware. Security
Awareness Training helps reduce the
chances that your business will
become a victim of data-stealing
malware.

Choose a complex and unique
password: Having a strong and
unique password wouldn’t have
protected you against this malware,
but the server we came across
showed that far too many people use
easy-to-guess passwords and likely
share them across different
accounts. The most common
password we discovered was
“123456.” Passwords that contain at
least eight characters and are
alphanumeric in their structure are
less predictable and far more difficult
to crack than shorter ones. Users
should also use “passphrases” to
make them easier to remember, such
as “myD0g1sL0ud”. Also, make sure
you use different passwords for all of
your online accounts.
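
The password advice above, turned into a small audit script. This is an added example, not code from Trustwave; it assumes "alphanumeric" means a mix of letters and digits, and the common-password list and account names are constructed (only "123456" comes from the article).

```python
"""Audit account passwords against the advice above (added example)."""
from collections import defaultdict

# Constructed sample of easy-to-guess passwords; only "123456" is named on the page.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "111111"}
MIN_LENGTH = 8  # "at least eight characters"


def password_issues(password, common=COMMON_PASSWORDS):
    """Return the list of rules from the article that `password` violates."""
    issues = []
    if len(password) < MIN_LENGTH:
        issues.append("shorter than 8 characters")
    has_letter = any(c.isalpha() for c in password)
    has_digit = any(c.isdigit() for c in password)
    if not (has_letter and has_digit):  # assumed reading of "alphanumeric"
        issues.append("not alphanumeric (needs letters and digits)")
    if password.lower() in common:
        issues.append("on the common-password list")
    return issues


def reused_passwords(accounts):
    """Group account names that share one password; `accounts` maps name -> password."""
    by_password = defaultdict(list)
    for name, password in accounts.items():
        by_password[password].append(name)
    return sorted(sorted(names) for names in by_password.values() if len(names) > 1)


def audit(accounts):
    """Return {account: [issues]} for every account with at least one finding."""
    shared = {n: g for g in reused_passwords(accounts) for n in g}
    report = {}
    for name, password in accounts.items():
        issues = password_issues(password)
        if name in shared:
            others = [n for n in shared[name] if n != name]
            issues.append("reused on: " + ", ".join(others))
        if issues:
            report[name] = issues
    return report


if __name__ == "__main__":
    # Constructed sample data, not taken from the recovered credentials.
    sample = {"mail": "123456", "social": "myD0g1sL0ud",
              "bank": "myD0g1sL0ud", "forum": "Tr0ub4dor3x"}
    for account, findings in audit(sample).items():
        print(account, "->", "; ".join(findings))
```

A passphrase that passes the length and character checks is still flagged when it is shared between accounts, which is the reuse problem the article describes.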

Source: Trustwave
