A Russian hacker handed over the biggest collection of compromised email accounts ever collected by one individual in exchange for "likes" on his social media page, says a computer security expert.
Alex Holden, chief information security officer at Hold Security, said the Russian hacker, who collected 272 million compromised email accounts and passwords, initially wanted just 50 rubles (75 cents) for the entire collection of data. But when Holden told the hacker “we refuse to contribute even that insignificant amount to their cause,” the Russian cybercriminal — dubbed “the Collector” by researchers — handed over all the data in exchange for likes and votes on an online forum, where had been bragging about his huge cache of data and that he was willing to give it away.
The cache of email addresses and passwords totaled 1.17 billion records, but many of them were duplicated, and in the end only 272 million unique credentials were discovered. Holden told International Business Times that 85 percent of the compromised accounts had been seen previously from other breaches, but that the collection “is still the biggest collection amassed by a single individual.”
While the majority of the records were for accounts at the Russian-based Mail.ru service, there were also significant numbers of accounts — numbering in the tens of millions each — from Google’s Gmail, Yahoo Mail and Microsoft’s Hotmail.
“This information is potent. It is floating around in the underground, and this person has shown he’s willing to give the data away to people who are nice to him,” Holden told Reuters. “These credentials can be abused multiple times.”
The cache contained 57 million Mail.ru credentials, which is the vast majority of the 64 million users Russia’s most popular email service claimed to have at the end of last year. Holden says 4 million credentials were never seen before and those are now being processed and distributed to companies and individuals who can secure their systems against abuse.
Hackers can use such data to carry out social engineering and phishing attacks against targets and by taking advantage of the fact that internet users like to reuse the same password for multiple accounts despite consistent warnings from the security industry.