Announcement

Collapse
No announcement yet.

5,000,000 GMail accounts hacked!

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    5,000,000 GMail accounts hacked!

    A list of the hacked gmail accounts is here. It does not contain passwords. The zip file is 36Mb. The unzipped text file is 104Mb. ARK decompresses it fine and KWrite reads and searches it fine.

    I didn't find my gmail account, nor the accounts of my wife or friends.

    If you need to change passwords you can use /dev/urandom to generate new ones.

    cat /dev/urandom| tr -dc 'a-zA-Z0-9-_!@#$%^&*()_+{}|:<>?='|fold -w 12| head -n 4| grep -i '[!@#$%^&*()_+{}|:<>?=]'
    i6a*ri:gCHBn
    &5RNiw*3iFdM
    9T7dRlx^x|cx
    Vylk:H64wasj


    The first part generates passwords containing a through z (lower and upper), and most of the upper keys and characters.
    The "fold -w 12" generates passwords that are 12 characters long. Adjust to suit your needs.
    The "head -n 4" generates four passwords. Ditto.

    If you only want letters and numbers then use
    cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 12| head -n 4

    The "/dev/urandom" generates pseudo random passwords very quickly. "random" generates more random passwords but depends more on the entropy pool. So, a 12 character password using "/dev/random" may take an hour to generate, depending on the size of your entropy pool, the amount of RAM and your CPU speed.

    Including more than just letters and numbers increases significantly the size of the pool of characters which must be tested and would make dictionary attacks essentially impossible.

    If you want to check the activity of your gmail account you can open it to any gmail page and look at the side or bottom for
    Last account activity: 1 hour ago
    Details
    Click on the "Details" and a window will open showing the following information:
    Access Type [ ? ]
    (Browser, mobile, POP3, etc.)
    Location (IP address) [ ? ] Date/Time
    (Displayed in your time zone)
    Last edited by GreyGeek; Sep 10, 2014, 03:39 PM.
    "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
    – John F. Kennedy, February 26, 1962.

    #2
    Mines not either. Thanks.
    I read this on the news. They said it was hacked two years ago(or something two years ago). So if you changed pw since then, you should be ok.
    Boot Info Script

    Comment


      #3
      The list was, in theory, not the result of hacking gmail or Google, but compiled from the results of various attacks where gmail addresses were obtained. The passwords are those used in those various services, so only those who used the same password on gmail would have had their gmail account vulnerable. Google says it was only "1 or 2" per cent, and they've all been "advised" to change their password.
      Last edited by jlittle; Sep 10, 2014, 11:13 PM. Reason: missing word
      Regards, John Little

      Comment

      Working...
      X