Over two million Google, Facebook and other accounts have been hacked since October, cyber security experts warned.
Hackers managed to steal user passwords through keylogging software. The software records all your credentials, including passwords and route information, to the proxy server (a computer system or an application that acts as an intermediary for requests from client seeking resources from other servers), making it impossible to know which computers have the virus. The hacking began on October 21 of this year.
John Miller, security research manager at Trustwave, said that the hack wasn’t due to an imperfection in any of those company’s servers. “It was the individual users’ computers that had the malware installed on their machine,” he said.
He adds that the unnamed hackers were most likely motivated by profit. “These passwords were never publicly posted. We can’t say for sure, but the hackers were probably going to sell them”.
“For a better password, we recommend a mix of uppercase, lowercase, numbers, and special characters,” said Miller. “We also recommend using longer passwords of 16 or more characters, as well as using different passwords on different websites.”
The Trustwave study showed that nearly half of all compromised passwords are all passwords that used a single character type, said reports.
“The most important thing is to have a different password for every site that you are registered to,” said former chief security officer for MySpace.com Hemu Nigam.
Make sure to update your antivirus software and download the most recent patches for Internet browsers, Java and Adobe.