“After all, it is a digital weapon with a value of hundreds of thousands of euros”

The scope is huge and we have not signed it yet. In total, a group of cybercriminals has stolen 16,000 million passwords belonging to users of Apple, Google, Facebook, Netflix and PayPal, in what could be the largest theft in history. The most serious thing is that all these passwords are active.

The cybercriminals have obtained usernames, passwords, cookies and other sensitive information. The figure is so high because we all have accounts on dozens of sites, from email and cloud services to social networks and streaming platforms.

As usually happens in these cases, information is still scarce and little is known about either the attackers or the means they used to breach the security of so many platforms. What is clear is that two of the most affected countries are Portugal and Russia.

Just in case, experts recommend changing the passwords of our services if we fear they have been compromised. And, to better understand the scope and the tools used, we spoke with David Conde, director of the Thales S21SEC Operations Center.

How did the attack affect the main operating systems, without distinction?

“Cyberattacks are increasingly elaborate and complex, being able to bypass all of a company's detection mechanisms. These types of attacks use malicious software, malware, which steals information from the user's computer – explains Conde –. This type of malware is designed to infect the largest number of machines, regardless of what type of computer it is or what operating system it has. This guarantees cybercriminals the largest possible number of victims and, therefore, a greater return on investment. This is independent of any use of AI, and is based on the great capacity (and means) that organized groups have to create advanced malware that is undetectable and to steal and exfiltrate the greatest amount of information in the shortest possible time, regardless of the nature of the victim. Think that this type of malware is a digital weapon after all and has a value that can reach hundreds of thousands of euros…”

How is it possible that this happened?

“The theft of information, according to the information available at this time, is due to malicious software called stealers, which are responsible for stealing information, mainly user credentials, and exfiltrating it to the cybercriminals,” adds this cyber expert.

Who could be behind?

“The first thing – says Conde – is that the origin of the theft of information could be more than one cyberattack, and that it is due to a wave or several cyberattacks carried out by the same cybercriminal gang, using these pieces of malicious software called stealers.”

Why has security failed?

“Without more concrete data, we cannot assert what has happened – Conde concludes – but these types of information theft attacks are usually very elaborate attacks carried out by organized gangs that manage to bypass all the security controls that a company can have. The ‘bad guys’ have the ability and the means to carry out attacks despite all the defenses that an organization can put in place.”