Around 26 million passwords stolen from Windows usersAnd the According to Nordlocker, a file encryption program.
The database discovered by this company weighs 1.2 TB, although they report that the stolen files, cookies and credentials come from 3.2 million Windows PCs.
Malware that was used to steal this data infected computers between 2018 and 2020, So the virus gained access to six million files that were in the users’ download folder.
One of the main reasons for the success of the theft is that In the documents they found written users passwords.
According to cyber security experts, the malware is embedded in illegal versions of Photoshop and other security tools. cracking in windows that offer paid games.
This virus also managed to access victims’ photos taken directly from their webcam, so users never found out that their personal information had been stolen.
The company said that the antivirus cannot work against this attack, as the malware is personal and Very new in the virtual world.
Experts advise users not to type their personal passwords into documents and to use a password manager that encrypts the information.
How do you know if you are a victim of Windows theft?
Place It has been Pwned, created by Troy Hunt, regional director of Microsoft, has already been updated with a database of users whose passwords have been stolen.
For people who want to know if they are victims of this attack, they just have to go to this website and enter the data.
in case there is Data has been stolen It is imperative that users change their passwords immediately.
How do you protect passwords from hackers?
- You should enable two-factor authentication whenever possible, that way, in addition to needing your own username and password, The attacker will also need a one-time-token to log into their account.
- Check where and when the account was accessed. Many sites and apps allow you to view your login history and see where you are currently logged in.
- Choose safety information carefully for Restore access to your account.
- Don’t use the answers to control questions that anyone can easily guess on Google or guess.