Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Approximately 5,000,000 Google accounts leaked on Russian Bitcoin Forum


  • Please log in to reply
39 replies to this topic

#1 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,639 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:44 AM

Posted 10 September 2014 - 12:59 PM

On Tuesday, approximately 5 million Google accounts and their passwords were leaked on the Russian Bitcoin Security forum btcsec.com. A forum user named tvskit created a topic that included the leaked accounts and said that approximately 60% of the accounts were still valid. At this time, Google has not verified whether the leak is valid and there have been reports that this information is just a compilation of older leaks that go back a few years.

A password redacted version of the leaked file was then posted in the /netsec/ subreddit, which can be used to determine if your account was in the leak. Numerous people in /netsec/ have confirmed that their accounts and the corresponding passwords were listed in the leak.

It is strongly suggested that you change your Google account password to be safe. If you use the same email and password at other sites, you should change it there as well.

Edit: Reddit link has strike through. Since the time stamp this article was posted that entire thread has been edited to delete every comment.~ Animal


BC AdBot (Login to Remove)

 


#2 zingo156

zingo156

  • BC Advisor
  • 3,345 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:44 AM

Posted 10 September 2014 - 01:13 PM

That is a lot of accounts if this holds true.


If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

#3 Without_A_Monitor

Without_A_Monitor

  • Members
  • 339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:teh bleepinverse
  • Local time:03:44 AM

Posted 10 September 2014 - 01:43 PM

Thank you very much for the alert.

In regards to the reddit link, does anyone happen to know if the file in the OP is safe to download? Additionally, is the website, isleaked.com, which is listed in the discussion legit?

#4 zingo156

zingo156

  • BC Advisor
  • 3,345 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:44 AM

Posted 10 September 2014 - 01:45 PM

I downloaded the file and it contained a google_5000000.txt file that seems to be safe. I opened it in virtual box. It seems to be just a list of gmail accounts. You can open it and use Ctrl+F in notepad to search for your account to see if it was leaked. I did not test the link for isleaked.com

 

The file does take a while to open due to the size.


Edited by zingo156, 10 September 2014 - 01:47 PM.

If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

#5 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 43,639 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:44 AM

Posted 10 September 2014 - 01:47 PM

The file is indeed safe. Just a zip file with a text within it. The text file contains all of the leaked emails. No passwords.

As for the isleaked.com site, I have no idea who the people behind it are. Personally, I wouldn't put my email into any site that I didn't know for the risk of it being used for phishing or spam campaigns. It's legality, I have no idea.

#6 Without_A_Monitor

Without_A_Monitor

  • Members
  • 339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:teh bleepinverse
  • Local time:03:44 AM

Posted 10 September 2014 - 01:51 PM

Alright. Thanks a lot for the helpful replies. I'll probably download the file.

After some searching, other websites that are covering this story also indicate isleaked.com as a means to verify if a person's account has been leaked or not, but the websites that I've found do not explain anything more about the website.

#7 Bleky

Bleky

  • Members
  • 185 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere on internet
  • Local time:09:44 AM

Posted 10 September 2014 - 02:23 PM

Passwords changed :)

#8 GT500

GT500

    Authorized Emsisoft Representative


  • Security Colleague
  • 137 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Fortville, Indiana, USA
  • Local time:03:44 AM

Posted 10 September 2014 - 03:52 PM

Thanks for the info Lawrence. Fortunately it doesn't look like anyone I know is on the list. :wink:

For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...


#9 Juliet

Juliet

  • Malware Response Team
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:02:44 AM

Posted 10 September 2014 - 05:01 PM

May we post this information on other help sites?
MS - MVP Consumer Security 2009 - 2016, rMS-MVP 2017
Microsoft Windows Insider MVP 2016-2017

#10 rp88

rp88

  • Members
  • 3,060 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:44 AM

Posted 10 September 2014 - 05:05 PM

Are accounts with "2 step verification" safe from this? How were so many details stolen?


Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#11 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 43,639 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:44 AM

Posted 10 September 2014 - 05:19 PM

May we post this information on other help sites?


Public info, but even if it wasn't you are always welcome :)

 

Are accounts with "2 step verification" safe from this? How were so many details stolen?


2-step verification would prevent the hacker from using your credentials as google would require them to perform the verification step. Google Russia is looking into it, but the theories are that these emails are a compilation of accounts from over the years. It may not be a recent attack.

As for the isleaked.com, I would stay clear of it and just reset your passwords to be safe.

#12 Juliet

Juliet

  • Malware Response Team
  • 54 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:02:44 AM

Posted 10 September 2014 - 05:22 PM

Thank you so much.

Y kawika has asked me to tell you he says hello :)
MS - MVP Consumer Security 2009 - 2016, rMS-MVP 2017
Microsoft Windows Insider MVP 2016-2017

#13 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:44 AM

Posted 10 September 2014 - 05:45 PM

Thank you very much for the alert.

In regards to the reddit link, does anyone happen to know if the file in the OP is safe to download? Additionally, is the website, isleaked.com, which is listed in the discussion legit?

As already stated, I wouldn't enter my email address into a site I'm unfamiliar with.

Furthermore, I would suggest those contemplating the use of the site consider reading the following article first.
http://jameswatt.me/2014/09/10/isleaked-com-registered-2-days-before-gmail-leak-public/
Posted Image

#14 JohnC_21

JohnC_21

  • Members
  • 24,432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:44 AM

Posted 10 September 2014 - 06:07 PM

I put my Gmail account in that webpage but fortunately it's a junk email address. There is another site to check gmail accounts but I can't say if it is legit or not.

http://securityalert.knowem.com/


#15 Y kawika

Y kawika

    Anti-Spyware Brigade


  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Long Island, NY USA
  • Local time:02:44 AM

Posted 10 September 2014 - 06:23 PM

Thanks gang, and I'd be leary of that "isleaked" site as well.

 

:) Y






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users