The easiest and widely used authentication method to access Internet services is based on username and password. When users can create their own accounts on services that require online self-registration procedure, email addresses are usually used as usernames. Cybercriminals are constantly aiming to steal this type of data for various reasons, for example with the purpose of selling them in the underground market. Sometimes stolen accounts can be found on the public Internet, even without the owner being aware of it. In this report we provide a qualitative description and a quantitative analysis of Cit0Day data leak, a collection of more than 345 million hacked login credentials from 23600 online services, made available on the public Internet in October 2020. In particular, our analysis focuses on two different aspects: one related to the hacked services and the other related to the end user credentials. Finally, we have carried out a specific analysis of the data leak in order to assess the security concerns regarding our organization. Even if there were no hacked services belonging to our organization, we found out that nearly 2500 CNR related credentials were used on more than 450 hacked services.
Analysis of Cit0Day data leak: a collection of 345 million hacked credentials from 23600 online services
F M Lauria;A De Vita;A Gebrehiwot
2020
Abstract
The easiest and widely used authentication method to access Internet services is based on username and password. When users can create their own accounts on services that require online self-registration procedure, email addresses are usually used as usernames. Cybercriminals are constantly aiming to steal this type of data for various reasons, for example with the purpose of selling them in the underground market. Sometimes stolen accounts can be found on the public Internet, even without the owner being aware of it. In this report we provide a qualitative description and a quantitative analysis of Cit0Day data leak, a collection of more than 345 million hacked login credentials from 23600 online services, made available on the public Internet in October 2020. In particular, our analysis focuses on two different aspects: one related to the hacked services and the other related to the end user credentials. Finally, we have carried out a specific analysis of the data leak in order to assess the security concerns regarding our organization. Even if there were no hacked services belonging to our organization, we found out that nearly 2500 CNR related credentials were used on more than 450 hacked services.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
