A archive which contains 1.4 billionmillions passwords, which have not been encrypted (or have been decrypted – clear text) circulate on the Dark Web.
The file contains contains over 1,4 billions of email addresses, passwords and other credentials, all clear text, and discovered by the security company 4iQ.
The file is 41 gigabytes in size and was discovered on December 5. It was updated at the end of last month, which shows that the data is current and used by third parties. The identity of the hacker who posted them is not known, but he left details of any donations to Bitcoin and Dogecoin.
"None of the passwords are encrypted and what scares us is that we tried some of them and most of them work." said Julio Casal, founder of 4iQ. "The breach is almost double the previous largest leak, the list from Exploit.in which reported 797 million registrations."
The Exploit.in list is included in this dump, as are the files that have been reported to have been stolen before. But much of the data seems to be completely new.
See the images uploaded by medium.com
The security company tried to get in touch with some of the subscribers in the list, and many e-mail addresses turned out to be active, although in most cases passwords were no longer used.
But no matter how we do it, the size of the leak is a treasure for hackers, as all these passwords together are a first-class library for brute force attacks…
