First, this is not a blog about a big corporate breach, or a massive new discovery. Rather, the researchers at Trustwave gained access to a botnet controller interface (the C&C element of a botnet) known as Pony and revealed the data within. Not surprisingly, as the vast majority of botnets target user credentials, this controller had a good deal of data related to passwords. While 2 million passwords might seem like a lot, it is really a drop in the bucket compared to many recent breaches. Think about Adobe who lost a minimum of 28 million, but is rumored to be closer to 130 million, login credentials to their services. Combine this with the fact that many people use the same password for all online accounts.
Webroot SecureAnywhere users are protected against botnet and keylogging malware in a number of ways. First, we have great visibility into the threats our users are encountering and in the vast majority of cases are able to instantly identify malicious software, including those which record keystrokes – even commercially available keyloggers. Second, we have layered technology which looks to neutralize applications which aim to record keystrokes or screenshots. Webroot’s Identity Shield looks at over 2 dozen specific tactics used by these applications and prevents data collection from unknown applications.
While the Trustwave blog is interesting from a password strength perspective, as many passwords recorded were very weak, it isn’t groundbreaking news, or even the largest discovery of its kind. What it is, is confirmation that this type of information is highly valuable and that cybercriminals are using all tools available to compromise online user accounts. It is also a good reminder that using a strong password policy, even for your personal accounts, is a good way to improve your security. After all, a compromised password can be fixed by resetting your password.
Read the CNN article on Trustwave’s discovery here: http://money.cnn.com/2013/12/04/technology/security/passwords-stolen/