‘RockYou2024’: Nearly 10 billion passwords leaked online


On a popular hacking form, a user has leaked a file that contains 9,948,575,739 unique plaintext passwords. The list appears to be a compilation of passwords that were obtained during several old and more recent data breaches.

The list is referred to as RockYou2024 because of its filename, rockyou.txt. To cybercriminals the list has some value because it contains real-world passwords. This means if an attacker tried this list of passwords to try to break into an account (known as a brute force attack) they’s be more likely to get in than just trying a list of any old letters and words.

Read more…
Source: Malwarebytes Labs


Sign up for our Newsletter


Related:

  • Co-op cyber attack could be any number of things: Cyber security expert

    July 12, 2024

    Some stores are still dealing with problems on their shelves after a cyber attack against Federated Co-operatives Ltd. two weeks ago, but the company hasn’t said much about what’s going on. Co-op has kept customers updated as bits and pieces like cardlocks come back online, and this week when rumours began circulating about customers’ data being ...

  • Gay furry hackers strike massive cyber attack against US far-right Project 2025

    July 10, 2024

    A collective of self-described “Gay furry hackers” called SiegedSec managed to hack into the right-wing Heritage Foundation affiliated with Project 2025 in a massive cyber attack. The hackers released two gigabytes of data, including Heritage Foundation member names, email addresses, passwords, and usernames. SiegedSec claimed responsibility for the hack on Telegram, sharing that they breached online ...

  • Reeling in DarkGate Malware Attacks from the Beach

    July 10, 2024

    Last year, the number of malware attacks worldwide reached 6.08 billion. That’s a 10% increase compared with 2022. Why are cybercriminals developing so much malware? Because it is a vital tool to help them infiltrate businesses, networks or specific computers to steal or destroy sensitive data. or destroy sensitive data. There are many types of malware ...

  • Resurrecting Internet Explorer: Threat Actors Using Zero-Day Tricks In Internet Shortcut File To Lure Victims (CVE-2024-38112)

    July 9, 2024

    Check Point Research recently discovered that threat actors have been using novel (or previously unknown) tricks to lure Windows users for remote code execution. Specifically, the attackers used special Windows Internet Shortcut files (.url extension name), which, when clicked, would call the retired Internet Explorer (IE) to visit the attacker-controlled URL. An additional trick on IE ...

  • An In-Depth Look at Crypto-Crime in 2023 Part 1

    July 8, 2024

    Cryptocrime refers to any criminal activity involving the use of cryptocurrency. This can include theft, fraud, money laundering, and other illicit activities. Cryptocurrencies, such as Bitcoin and Ethereum, operate on decentralized networks and are not issued or controlled by any central authority. This makes them an attractive target for criminals due to their anonymity and lack ...

  • CloudSorcerer – A new APT targeting Russian government entities

    July 8, 2024

    In May 2024, Kaspersky researchers discovered a new advanced persistent threat (APT) targeting Russian government entities that we dubbed CloudSorcerer. It’s a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure. The malware leverages cloud resources as its command and control (C2) servers, accessing them ...