Trustwave SpiderLabs has been digging through the source code of the Pony Botnet Controller, and what the firm found may scare you. Apparently the Botnet’s server was home to more than two million compromised accounts, including passwords for major Internet sites such as Facebook, Yahoo, Google, Twitter, LinkedIn and others.
According to SpiderLabs, the data includes 1,580,000 login credentials, including usernames and passwords, 320,000 email logins, 41,000 logins for FTP servers, 3,000 accounts for remote desktop clients and 3,0o00 secure shell client logins. There were 318,121 passwords leaked for Facebook alone, 59,549 passwords for Yahoo, and 54,437 Google passwords on the server. Most of those affected may be Russian speakers living in the Netherlands.
“You can also spot the notable presence of vk.com and odnoklassniki.ru, two social network websites aimed at Russian-speaking audiences, which probably indicates that a decent portion of the victims compromised were Russian speakers,” the security firm says, noting that the attack seems to have been targeted at the Netherlands, though 92 countries in total were affected.
The top 10 passwords discovered by the Botnet were fairly obvious, and include, in order of popularity:”123456,” “123456789,” “1234,” “password,” “12345,” “12345678,” “admin,” “123,” “1,” “1234567” and “111111.” Most of the passwords leaked only used one type of character, such as only letters or only numbers, and few had four different types of characters in the password.
In other words, take this as a lesson: first, change your passwords regularly to be safe. Second, don’t make them super obvious or easy to crack. The full report can be found in the source below.