Analecta Cyber Company Blog: Hacker ‘Mr. Grey’ steals 1.2 billion passwords

2015-12-03

Hacker ‘Mr. Grey’ steals 1.2 billion passwords

A hacker who goes by the name Mr. Grey was able to harvest more than 1.2 billion login passwords for online accounts. According to the FBI, the hacker is believed to have acted alone, but it’s possible the name represents a collective of hackers.



It appears that this is the biggest collection of log-in credentials that the bureau has ever investigated. And as Reuters reported, details of the hacking came from court documents submitted by federal agents in support of their request for an arrest warrant back in 2014.

The anonymous Mr. Grey was dragged into the hacking inquiry when the FBI, during its investigations, found his Russian email address in spam-sending tools and posts on a Russian hacking forum. The bureau detailed that Mr. Grey’s post offered to get user login credentials for Twitter, Facebook and the Russian social network VK.

Security firm discovered hack

The theft of more than 1.2 billion login credentials, together with around half a billion email accounts, was first reported last year by a cyber security firm named Hold Security. According to the company’s chief information security officer, this was enough evidence to link Mr. Grey to the hacking job, which gave him access to a large database of stolen online credentials.

The firm found out that CyberVor, a Russian hacking group, was the one responsible for the hacking. Upon deeper investigation, Hold Security uncovered that the same technique was recently used to hack TalkTalk, one of the biggest UK-based phone and internet service providers.

The hack was pulled off with the use of botnets that look for SQL injection flaws and harvest sensitive information from more than 420,000 websites.

The botnets in this case were used as a huge scanner on the Internet. The hacker continuously employed the same technique, which eventually produced the largest cache of stolen unique sets of emails and passwords.

The FBI is still investigating the matter. Nevertheless, it remains unclear whether Mr. Grey acted alone or whether a group of hackers was operating under one name.