Hackers constantly test leaked keys
A group of security researchers from Agari have run a test to see how long it would take cybercriminals to test user passwords that have been leaked on the internet. They have used false passwords, which actually pretend to be original, to be real accounts.
To carry out the test strategically they exposed several thousands of passwords In the net. They pretended that they were real keys, accounts that they created for the occasion. This way they had enough to see what would happen.
They found that hackers act fast. They can quickly use a password that for some reason has leaked into the network and has been exposed to anyone. Specifically, according to the study carried out by Agari, they access on average within 12 hours of being filtered.
However, time can be much faster. In fact, they saw that they tried to access 20% of the keys that they leaked on the network in less than an hour and 40% in the first six hours. This undoubtedly shows how quickly cybercriminals scan the network for possible passwords that have been leaked, Phishing attacks or any security problem.
They tried to manually access almost all
Another result obtained by Agari’s security researchers is that intruders, in most cases at least, attempted to manually access the supposedly leaked accounts. They do this to check if the credentials really work and can be accessed.
Researchers indicate that it is a tedious process having to test the access codes manually, but in this way they also obtain benefit. This benefit basically consists of being able to analyze the account one by one and see what kind of information they can obtain and in what way they could exploit it economically.
Keep in mind that information has great value on the net. Not all accounts are going to work for hackers in the same way. A social network, where they could find the victim’s data, be able to contact third parties to send Phishing attacks on the victim’s name, is not the same as, for example, a bank account or a subscription on a payment platform.
Therefore, with this study, what security researchers have shown is that any leaked password on the network can quickly end up in the hands of cybercriminals. Hence the importance of always creating passwords that are strong, secure and changing them periodically. In addition, you have to be careful of certain aspects such as the risk of using key managers in the browser. Our advice is to properly protect any type of registry and, if we have that possibility, have two-step authentication to create an extra layer of security.