25% of the 1.9 billion passwords and usernames bought on the black market are Google accounts
Hackers often try to hack into Google accounts, so Google researchers have spent a year to see how they can steal user accounts.
Hackers often try to hack into Google accounts, so Google researchers have spent a year to see how they can steal user accounts.
To get proof of the tools that hackers use to steal passwords, Google works with security experts at California Berkeley University and tracks black market activity. Recently they have published their results.
Most passwords are stolen in two ways: phishing emails or leaks from third parties. From March 2016 to 2017, Google discovered more than 12 million accounts (including username and password). stolen due to scams and 3.3 billion due to 3rd party.
See also: Google's new advanced security turn-on guide to not be hacked
Such a large number is because the password is an attractive item, especially having a Google account will access the password of Gmail, Google Docs, Google Drive . Although this number is large, the research team also only get free information online and limited human resources, so in fact there may be more.
The study also found that up to 25% of the passwords traded on the black market can be used to control Google accounts. 'There are more than 1.9 billion usernames and passwords on the black market forum,' the researcher said. And when many people share passwords for both Google and MySpace accounts, for example, when MySpace leaks data, hackers will try to use the password on Google.
This era no one seems to have a Google account
Even Facebook CEO Mark Zuckerberg shared the same password - dadada - for both Twitter and Pinterest accounts, to hack them in 2016 by a group called OurMine.
There are also a number of ways for companies like Google and users to protect themselves. Researchers use two-factor authentication or password management applications to create separate passwords for each page, avoid duplication, especially don't use simple and easy-to-guess passwords like '12345'.
Anyway, 'password is something we can no longer trust,' said Kurt Thomas, a researcher at Google.
Readers interested in Google reports can read more here.https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/46437.pdf
You should read it
- How to secure account information on Drive Password
- Google Account security guide with Google Authenticator
- Google launched the Password Checkup 'god' utility to make your password safer
- How to protect your Google account with Password Alert utility
- How to recover Gmail account?
- Want to secure your Google account? Do not ignore the following!
- Google Account for Android has a new interface, check your account now
- How to retrieve Gmail password, Google login password
- How to make your Google account safer?
- How to Hack Gmail
- Instructions to change your Gapo account password
- How to Hack Gmail
Maybe you are interested
What is PetitPotam Attack? How to overcome PetitPotam attack The Microsoft MSERT tool can find web shells related to the Exchange Server attack campaign Many encrypted SSDs can be decoded without a password Wsreset tool of Windows 10 Store was used by hackers to bypass anti-virus software The CredSSP vulnerability in the RDP protocol affects all versions of Windows Detects two serious vulnerabilities on uTorrent that can help hackers execute malicious code or view download history on your computer