Data of 361 million stolen accounts leaked on Telegram has been added to HIBP.

Islamabad: Recently, a staggering 361 million email addresses, sourced from various channels like password-stealing malware, credential stuffing attacks, and data breaches, made their way onto the Have I Been Pwned breach notification service. These credentials, shared by anonymous cybersecurity researchers via Telegram channels, included combinations of usernames and passwords, often accompanied by associated URLs or raw cookies.
 
Troy Hunt, the service's owner, disclosed that among these email addresses, 151 million had not been previously recorded on Have I Been Pwned. Despite the enormity of the dataset, confirming the legitimacy of all credentials proved impossible. However, Hunt did verify many email addresses by using sites' password reset forms, confirming their association with the mentioned websites. He refrained from confirming passwords, as doing so would involve illegal account access.
 
Notably, no site that allows logins, Bleeping Computer included, was unaffected by these leaked credentials. The same researchers also shared credentials stolen from Bleeping Computer's forums, likely by information-stealing malware. This type of malware, which extracts passwords, cookies, and other data, is often distributed via social media, fake software, or malicious emails.
 
Having received the data, Bleeping Computer is currently analyzing it and removing duplicates so that it can proactively reset affected members' passwords. Unfortunately, since timestamps aren't typically included with stolen credentials, impacted users must assume all their credentials are compromised. This revelation provides clarity for those experiencing inexplicable account hacks or unusual device behavior, which often stem from past credential theft.
 
Information-stealing malware poses a significant cybersecurity threat, enabling various malicious activities like ransomware attacks and data theft. High-profile incidents, such as breaches affecting Microsoft and the Costa Rican government, highlight the severity of this issue. Recently, Snowflake databases fell victim to data theft, allegedly via compromised credentials obtained through information-stealing malware.
 
Preventing such attacks requires adopting robust cybersecurity practices, including cautious email and software usage, antivirus software deployment, and regular system updates. Though information-stealing attacks are challenging to eradicate entirely, these habits serve as essential defenses against them.