Ukraine hacker caught attempting to sell 773m passwords

Ukraine authorities bust hacker attempting to sell 773M passwords and usernames in a ‘megabreach’ that compiled years’ worth of stolen data

  • Ukraine’s security service arrested a hacker called Sanix 
  • Sanix was arrested in connection with a database of 773M stolen passwords and usernames
  • A police raid also turned up two terabytes of other stolen data 
  • The hacker was also shopping around credentials to dozens of universities 

Ukraine authorities say they’ve arrested a suspect behind a cache of 773 million stolen passwords and usernames. 

According to KrebsOnSecurity, the Security Service of Ukraine (SBU) said it detained a hacker known as Sanix in association with the stolen data set, which first came to light last year.

In addition to the 87 GB of stolen data, which included 21 million unique passwords, Ukrainian authorities say they also uncovered similar databases that contained financial information on European and North American citizens.

In all, a raid on the suspect’s house turned up two terabytes of stolen data, according to the SBU.

As noted by KrebsOnSecurity, while the cache of passwords was at the time labeled ‘the largest collection of stolen data in history’, much of the data had actually been previously leaked in old data breaches and was simply compiled by Sanix.

According to Ukrainian authorities, evidence found on the suspect’s computer included:

‘logins and passwords to e-mail boxes, PIN codes for bank cards, e-wallets of cryptocurrencies, PayPal accounts, and information about computers hacked for further use in botnets and for organizing distributed denial-of-service (DDoS) attacks.’ 

As noted by KrebsOnSecurity, outside of that particular trove of passwords and usernames, Ukrainian officials may have had other reasons to arrest Sanix.

Cyber security firm Intel 471 reports that Sanix had been selling credentials that would allow customers to access large organizations, including four dozen universities from across the world.

Among the credentials was also access to a VPN used by the government in San Bernardino, California.

As noted by KrebsOnSecurity, the extent of Sanix’s databases of personal information underscores the need to maintain adequate password standards and adopt extra security measures like two-factor authentication.