A file containing 1.4 billionmillions passwords, which have not been encrypted (or have been decrypted – clear text) circulate on the Dark Web.
The file contains over 1,4 billion email addresses, passwords and other credentials, all in clear text, and was discovered by company security 4iQ.
The file is 41 gigabytes in size and was discovered on December 5. It was updated at the end of last month, which shows that the data are current and used by third parties. The identity of the hacker who posted them is unknown, but he left details of possible Bitcoin and Dogecoin donations.
"None of the passwords are encrypted and what scares us is that we tried some of them and most of them work." said Julio Casal, founder of 4iQ. "THE infringement is nearly double the previous largest leak, the list from Exploit.in that exposed 797 million records.”
The Exploit.in list is included in this dump, as are the files that have been reported to have been stolen before. But much of the data seems to be completely new.
See the pictures uploaded by medium.com
The security company tried to get in touch with some of the subscribers in the list, and many e-mail addresses turned out to be active, although in most cases passwords were no longer used.
But no matter how we do it, the size of the leak is a treasure for hackers, as all these passwords together are a first-class library for brute force attacks…
