• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • March 8th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Hacking News
Leaks

A Trove of 1.4 Billion Clear Text Credentials File Found on Dark Web

December 10th, 2017 Waqas Security, Leaks 0 comments
A Trove of 1.4 Billion Clear Text Credentials File Found on Dark Web
Share on FacebookShare on Twitter

In a Dark Web marketplace, one can buy anything from illegal drugs to weapons, fake documents to malicious software and even stolen databases, etc. Although after the shut down of Hansa and AlphaBay marketplace, buying and selling have slowed down. It does not, however, mean it has been fully curbed. 

Recently, a dark web monitoring firm 4iQ discovered a massive trove of the 41GB data file containing 1.4 billion billion login credentials including emails and passwords in clear-text format. Researchers believe it is the “largest aggregate database found in the dark web to date” beating the Onliner Spambot dump with 711 Million accounts following Exploit.in data dump in which 593 million accounts were exposed.

Although, in their blog post, researchers maintained that the data they found is a “breach,” but then they also state that “This dump aggregates 252 previous breaches” meaning it is not a breach but a combined list of login credentials complied by someone from previous data breaches including the aforementioned Anti Public Combo List, Exploit.in dumps and LinkedIn.

The dump was discovered on a dark web forum on December 5th, 2017 in which the total amount of data is 1,400,553,869 with usernames/emails and their clear text password. “This database makes finding passwords faster and easier than ever before. As an example searching for “admin,” “administrator” and “root” returned 226,631 passwords of admin users in a few seconds,” explains 4iQ’s Julio Casal.

A Trove of 1.4 Billion Clear Text Credentials File Found on Dark Web

(Credit: 4iQ)

The company further noted that in total, 14% of exposed login credentials were never exposed to public neither were they ever decrypted on any forum however now these credentials are available in clear text format for anyone to download.

A Trove of 1.4 Billion Clear Text Credentials File Found on Dark Web

The list of top 40 Passwords and volume found (Credit: 4iQ)

Researchers believe since the data is 100% decrypted and available in alphabetical order it poses a great threat to users since most of us use the same password on social media sites and banking platforms. 4iQ is currently in the process of analyzing the full data dump and might take a while to come up with full disclosure of their findings, therefore, stay tuned; this article will be updated accordingly.

Those who are unaware of previous data breaches; there have been several tech giants who have had their data stolen and sold on dark web marketplaces. Some of them include LinkedIn, MySpace, Twitter, Tumblr, Dropbox, Bitcoin forums, Zomato, and others. Also, in March this year, HackRead discovered 21 million Gmail, and Yahoo accounts that were being sold on Dark Web.

  • Tags
  • breach
  • dark web
  • Data
  • internet
  • LinkedIn
  • Password
  • Privacy
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Update payment method: Netflix phishing scam steals login credentials
Next article Someone hacked this traffic sign with anti-Trump messages
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Threat actors hijacking Bitbucket and Docker Hub for Monero mining

Threat actors hijacking Bitbucket and Docker Hub for Monero mining

IT Security firm Qualys extorted by Clop gang after data breach

IT Security firm Qualys extorted by Clop gang after data breach

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
John McAfee Charged with Fraud in Cryptocurrency Scam
Cyber Crime

John McAfee Charged with Fraud in Cryptocurrency Scam

U.S. DOJ warns of fake unemployment benefit websites stealing data
Cyber Crime

U.S. DOJ warns of fake unemployment benefit websites stealing data

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers
Cyber Attacks

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us