Trustwave claims accounts compromised

         
As much as we would like to believe in a more secure world, we cannot let the belief get in the way of our understanding of hard realities. We don’t know what to do if something actually does happen to our data. We don’t know what to do if something or if someone steals our data. Well we should, because compromised security isn’t a theoretical problem discussed in the convention centres and htel ball rooms over breakfast and lunch. People with hopes, aspirations, and problems become exposed to scam artists and tricksters who are hell bent on milking them and exploiting them because they accepted the promise which wasn’t supposed to be made.

The Pony Botnet Controller, a malicious program, has hit two million accounts across the web resulting in a massive data breach that has affected roughly two million accouts. Roughly two million passwords have been stolen across the web. The keylogging malware has found its way onto computers of unwitting victims. It has captured log-in credentials and sent the username/password combo back to a server run by a group of mauraders.

Trustwave, the cybersecurity firm that uncovered the breach, claims that the virus compromised accounts from more than 93,000 websites. The website hardest hit with over 318,000 stolen credentials was Facebook, followed by Yahoo with nearly 60,000 and Google with over 70,000 affected users, followed by Twitter with 22,000 , and LinkedIn and ADP (around 8,000 profiles). ADP specializes in human resources software, which means the company could experience serious financial ramifications as a result of thsese attacks.

“We don’t have evidence they logged into these accounts, but they probably did,” said John Miller, a security research manager at Trustwave. “They might be able to cut checks, modify people’s [ADP] payments,” he added.

Trustwave reports that both a proxy server and the Command-and-Control server behind the attacks are located in the Netherlands, but targeted accounts seem to span much of the globe—as many as 102 countries may have been impacted. The revelation comes a little over a week after a Dutch publication revealed that the NSA had infected 50,000 computer networks with spyware.
The cybersecurity firm reported its findings to the affected companies and published the discovery on Tuesday, December 3rd. It is recommending that everyone update their antivirus software and download the latest patches for Java, Adobe, and any and every Internet browsers that might be installed on their computers.