Technology

63375 readers

6353 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

[email protected]

316

Have I Been Pwned adds 284M accounts stolen by infostealer malware (www.bleepingcomputer.com)

submitted 2 days ago by [email protected] to c/[email protected]

30 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 29 points 2 days ago (1 children)

Yea just got the alert that one of my old email addresses was affected

[–] [email protected] 13 points 2 days ago (1 children)

Does that mean the malware was once on your system?

[–] [email protected] 31 points 2 days ago (2 children)

I doubt it. Probably just means some website i signed up to using that email was compromised and had all their data leaked.

[–] [email protected] 14 points 2 days ago (2 children)

The blog post regarding this "dump" suggests that it was actually from malware, so the answer to "Does that mean malware was once on your system?" is likely to be Yes. https://www.troyhunt.com/processing-23-billion-rows-of-alien-txtbase-stealer-logs/

[–] [email protected] 5 points 2 days ago* (last edited 2 days ago)

Likely perhaps, but this email address hasn't been actively used by me in over a decade, which means either this dataset is extremely old, or maybe the holders of the data had been compromised by malware when they were attempting to gain access to whatever website. Who knows?

And since it was a singular address, and none of my other addresses were affected, im able to determine the timeline of when I was affected by this. Its during an era where this email address was involved with many data breaches.

There are 23 billion records in this stealer log, with only 284 million unique entries.

[–] [email protected] 2 points 2 days ago

my email has been in several breaches, for example trillian chat that i have never even heard of, and some virtual keyboard i definitely have not installed.....should i suspect malware?

[–] [email protected] 3 points 2 days ago (1 children)

For stealerlogs yes, it means malware was on your system, and exfiltrated data, typically from your browsers.

[–] [email protected] 2 points 2 days ago (1 children)

I don't think that's guaranteed to be true.

A very old email of mine which I haven't used in many years was in the breach.
None of my other email addresses were in there, so it's highly unlikely that I was affected by this malware in the last decade.
That email has been in many other breaches however, so I wouldn't be surprised if somebody who had access to an old dump was infected.
My money's on some random skid who downloaded an old database dump and got infected when they downloaded some bad warez.

Either that, or this includes credentials from people who had the malware 15+ years ago.

[–] [email protected] 2 points 1 day ago

Then they must have tried your password and saved it to one of a specific number of places. Infostealers are by definition a class of malware, which means it's got to be installed somewhere with access to the directory storing the credential.

Or it was from an old computer, or mislabeled.

https://www.youtube.com/watch?v=L3f9do5mtT8

Here's a good talk on infostealers for anyone curious.