Hackers stole 2M Facebook, Twitter, and Google passwords – here’s how to stay safe

123456 remains the worlds most used and worst password
JMik/Shutterstock

“Criminal botnet” sounds like something from a forgotten sci-fi serial from the 1970s, but turns out they’re real, and they’ll steal your passwords.

A botnet called Pony recently stole 2 million passwords for major online destinations like Facebook, Yahoo, Google, and Twitter, as well as payroll service Automated Data Processing. The security research team at Trustwave’s Spiderlabs discovered the massive data heist this week and outlined how the botnet works its dirty magic on their blog

The passwords were welched off devices infected with malware that gave something called the Pony Botnet Controller access to information. This version of Pony rounds up passwords with frightening efficiency; even more disturbingly, since it has successfully obtained information from a large payroll company, this criminal hack could have immediate financial repercussions for people impacted. Yikes. 

There’s no way to make your information absolutely 100 percent safe, because the collectives behind this sort of attack tend to be pretty smart at inventing new ways to get at our personal information. But there are a few steps you can take to avoid falling prey to this kind of hack. 

First, assess the situation. 

Find out if you were one of the unlucky victims at HaveIBeenPwned – the site lets you enter as many email accounts as you want and will tell you if you’ve been hacked. It might even give some follow up information about what particular security breach was responsible. If any of your accounts turn up a warning, you’d best go change that password immediately. 

Don’t choose an obvious, simple password. 

You’d think people would know by now not to use passwords like “123456” but I guess not. This kind of “chocolate teapot” password (meaning: they’re completely useless) was the most commonly stolen. Other commonly stolen passwords: 123456789, 1111111, and “admin.” Just get more creative (your birthday and name aren’t recommended, either). Setting a longer password seems like too simple a solution, but most of the passwords stolen were just that — too simple. Pony Botnet Password Chart

For Facebook, take advantage of additional security. 

Facebook told the BBC that people could safeguard their passwords by activating Login Approvals and Login Notifications in their security settings. Turning the Login Notifications on will alert you anytime someone attempts to sign in from an unknown location, and using Login Approval will generate a unique password that gets sent to your mobile phone — and both security measures could keep your Facebook information out of the hands of botnets. 

This isn’t the first time a widespread security breach has happened. This is on a notably large scale, yes, but passwords get stolen all the time. The best thing you can do is come up with a complicated, long, unique password that won’t be easy to guess, and take the time to set your security settings to notify you when unusual activity occurs. 

Social Media

A Facebook, Instagram bug exposed millions of passwords to its employees

Facebook, Facebook Lite, and Instagram passwords weren't properly encrypted and could be viewed by employees, the company said Thursday. The network estimates millions of users were affected.
Computing

Sending SMS messages from your PC is easier than you might think

Texting is a fact of life, but what to do when you're in the middle of something on your laptop or just don't have your phone handy? Here's how to send a text message from a computer, whether you prefer to use an email client or Windows 10.
Computing

After fourth attack, hacker puts personal records of 26M people up for sale

A serial hacker going by the name of Gnosticplayers is selling the personal data of 26 million people who have been using the services of six different companies from across the world.
Mobile

Free yourself! How to unlock a phone from the icy hands of your wireless carrier

Do you want to know how to unlock a phone through your carrier or a third-party service like DoctorSIM? Regardless of which way you want to go, we've compiled a list of requirements and methods for doing so.
Social Media

Yep, it’s not just you. Facebook, Instagram, and WhatsApp are down for many

Facebook's family of apps has been suffering issues for much of the day. Instagram, WhatsApp, Facebook Messenger, and Facebook itself have been out of action for users around the world, with the company scrambling to sort it out.
Social Media

Facebook may soon let you watch live TV with friends in Watch Party

Facebook Watch Party is designed to allow friends to watch together, even when they can't be in the same physical space. Now, that feature could be expanding to include live TV. Facebook announced a test of the feature, starting with live…
Social Media

Federal investigation digs into Facebook’s data-sharing deals

Facebook confirmed it is cooperating with a federal criminal investigation. According to a report, the company is under investigation for sharing user data with smartphone and tablet companies.
Social Media

Facebook explains its worst outage as 3 million users head to Telegram

Facebook, if you didn't already know it, suffered a bit of an issue on Wednesday, March 13. An issue that took down not only its social networking site, but also Instagram, WhatsApp, and Messenger. On Thursday it offered an explanation.
Gaming

Snapchat could soon let you play games in between your selfies

If a new report is accurate, Snapchat will be getting an integrated gaming platform in April. The platform will feature mobile games form third-party developers, and one publisher is already signed on.
Social Media

Twitter is testing a handy subscription feature for following threads

Twitter has recently started testing a feature that lets you subscribe to a thread so that you’ll no longer need to like a comment or post to it yourself in order to receive notifications of new contributions.
Social Media

Your Google+ public content will remain viewable on the web, if you want it to

Google's failed social network — Google+ — will soon be wiped from the internet, but there's a team of volunteers working right now to save its public content for the Internet Archive.
Computing

There’s more space on MySpace after ‘accidental’ wipe of 50 million songs

MySpace is no longer a safe refuge for music and media produced in the 2000s. It said that almost any artistic content uploaded to the site between 2003 and 2015 may have been lost as part of a server migration last year.
Computing

Intel and Facebook team up to give Cooper Lake an artificial intelligence boost

Intel's upcoming Cooper Lake microarchitecture will be getting a boost when it comes to artificial intelligence processes, thanks to a partnership with Facebook. The results are CPUs that are able to work faster.
Social Media

New Zealand attack shows that as A.I. filters get smarter, so do violators

The shootings in Christchurch, New Zealand were livestreamed to social media, and while stats show networks are improving at removing offending videos, as the system improves, so do the violators' workarounds.