It seems like a day can’t pass by without any situation where accounts on social media networks are hacked. In the new and upcoming story, 100 million users’ accounts of the Russian popular version of Facebook, VK.com are currently being traded on the underground market.
LeakedSource also released obtained data that they had managed to get their hands on. They published an analysis of the situation on Sunday. The notorious hacker, Peace known for the MySpace hack, the Tumblr hack and also associated with the LinkedIn hack which saw high-profile people have their data also stolen at the forefront of this one. He is the one who listed the data on the dark market.
VK is a Russian made and based social media network which was heavily influenced by the making of Facebook. As one would expect, the social network is popular in Russian and has all the facets that are also seen on the Facebook network. It has messages, friend sections, photo galleries, like buttons and so much more. The site was found by Russian, Pavel Durov, who is also responsible for the creation of global messaging app Telegram. Reports say that in 2014, VK had 100 million users.
The hacker involved, Peace gave the reporters a dataset which showed that there was a total of approximately 101 million records. LeakedSource, a site which is also known to reveal datasets in cases of hacks, provided a smaller sample so reporters could verify the data. First names, last names, email addresses, phone numbers, and passwords are in the leaked data.
Peace claims that the passwords were put main text already by the time he hacked the accounts, and he had not done any cracking on them. He is selling the data for 1 Bitcoin which would be around $570 as at the exchange rate. The dataset might also be containing some live accounts. Out of the dataset, 100 accounts were randomly selected, and 92 of them corresponded to some of the active accounts on the site at the moment. One Russian who was contacted for verification purposes said the password in the leak was the one he had been using.
Most of the phone numbers which were put there were all genuine, but not all records had numbers with them. According to the hacker responsible, the hack was done between 2011 and 2013 though the exact is unknown at the time. He also says that he has 71 other million accounts that he is not going to sell yet.
LeakedSource said that the most used password was ‘123456’ which appeared 709,067 times, with ‘qwerty’, ‘123123’ and ‘qwertyuiop’ also making significant appearances.