The biggest password breach: RockYou2024

By Blessing

Comprising nearly 10 billion unique passwords leaked on a popular hacking forum, the RockYou2024.txt file has exposed how vulnerable users are when they re-use their passwords for logins.

The world is still in shock over the recent revelation of what is considered to be the largest password breach, in which nearly 10 billion unique passwords were leaked on a popular hacking forum on the 4th of July 2024. The leak, which goes by the name RockYou2024, poses a significant threat to anyone who is in the habit of using one password for multiple logins. In this blog post, I will discuss the details of the RockYou2024 leak and its implications for users, and provide remedial steps to protect oneself from such attacks in the future.

Researchers believe that what has transpired so far appears to be the biggest password cache ever uncovered, with 9,948,575,739 unique plaintext passwords inside. The file, titled “rockyou2024”, was posted on a hacking forum by a user named ObamaCare.

Figure: Post announcing the leak on the hacker forum. Image source: Cybernews.

The .txt file contains passwords stolen in a mix of old and new attacks, making the file a brute-force attacker's dream.

“In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world. Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks,” Cybernews researchers say.

Three years ago, the RockYou2021 leak exposed another 8.4 billion passwords in plain text. This recent breach has added 1.5 billion passwords to the list, making it the biggest compilation so far.

What is a brute force attack?

A brute force attack is a type of hacking that uses trial and error to breach login credentials and crack passwords and encryption keys. It is an unsophisticated yet reliable method hackers use to try to gain unauthorized access to networks, organizations' systems, and user accounts. This method requires the hacker to have plenty of time at their disposal, because it can take a long time, even years, to successfully crack an encryption key or password. For hackers, time is an asset that they can invest in waiting, since the rewards are handsome.

How it happened

Going under the alias ObamaCare, the hacker registered on the forum in late May 2024. It was established that the perpetrator had previously shared a leaked employee database from the law firm Simmons & Simmons. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world. Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks,” researchers said.

This means that if the leaked data contains user email addresses, user names, marketplaces, and any other user credentials, it can be used to commit serious online crimes such as identity theft, bank fraud, blackmailing, etc. “The hackers can use the RockYou2024 password compilation to gain unauthorized access to various online accounts using brute-force attacks with the help of passwords included in the dataset,” the team explained.

These data breaches have been compiled since 2009, and the compilation comprises hundreds of millions of user passwords for social media accounts, collected from over 4,000 databases spanning over two decades.

Researchers believe that hackers can utilize the RockYou2024.txt file to target any system that isn’t protected against brute-force attacks. This includes any platform, whether online or offline services, industrial hardware, internet-facing cameras, IoT services, etc.

This leak has already given rise to a large number of attacks, such as those targeted at Advance Auto Parts, Santander, Ticketmaster, Quote Wizard, and others. These organizations have suffered in particular from attacks using breached login credentials leveled against their cloud service provider, Snowflake.

Types of Brute Force Attacks

  • Dictionary attacks
  • Credential stuffing
  • Simple brute force attacks
  • Reverse brute force attacks

Figure: 5 types of brute force attacks. Image credit: Fortinet.

Why Hackers Conduct Brute Force Attacks

1. Stealing personal data – e.g. bank accounts, financial details, etc., which provide an entry point for further breaches.

2. Spreading malware – this can be done via Short Message Service (SMS) or email.

3. Exploiting ads or activity data – infecting websites or their visitors with spyware, placing spam ads on popular websites, rerouting traffic to other websites, etc.

4. Reputational damage – websites are targeted with offensive or obscene text, images, and videos that will affect their brand.

5. Launching pad for malicious activity – compromised systems are used to launch further attacks through groups of multiple devices called botnets.

Which tools are used for brute force attacks?

This type of attack is very time-consuming, especially when the targeted accounts have strong passwords in place. It relies on guesswork to associate the victim's username or e-mail with a password.

Brute force attacks require a lot of computing power. However, hackers use highly advanced CPUs and GPUs, which can perform multiple tasks simultaneously, to crack passwords faster.

The commonly used tools for brute force attacks are:

  • John the Ripper – an open source password recovery tool that supports hundreds of hash and cipher types for operating systems such as Unix, Windows, and macOS, as well as web applications, document files, database servers, encrypted private keys, and network traffic.
  • Aircrack-ng – used to assess Wi-Fi network security through mechanisms such as packet injection and fake access points.

How To Prevent Brute Force Attacks

There are several methods individuals, corporations, etc. can employ to protect their data from online security attacks, such as those against RDP (Remote Desktop Protocol). Organizations can safeguard their data and strengthen their defense systems against brute force attacks by applying cryptanalysis, which is the study of cryptography and ciphers.

1. Enforce the regular use of strong passwords
  • Use password managers for automatic logins
  • Avoid common passwords, such as those including names, birthdays, etc.
  • Use passphrases that are difficult to guess
  • Use a different password for every account
  • Create password-binding rules to truncate words so they appear unreadable to other users
  • Create multi-character passwords of more than 10 characters
2. Provide ongoing password and security support
  • Provide regular training on best practices and on recognizing signs of cyberattacks
  • Monitor networks in real time for unusual or suspicious behavior, such as multiple login attempts
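
To make the monitoring step concrete, the added example below (not code from the original post) labels each source IP from its failed logins inside a sliding window, separating repeated guessing against one account from credential stuffing across many accounts. The log fields, the five-minute window, the threshold of five and the sample events are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

def sample_events():
    """Constructed failed-login events (not real data): (time, source_ip, username)."""
    t0 = datetime(2024, 7, 5, 10, 0, 0)
    events = []
    # One source hammering a single account: simple brute force / dictionary guessing.
    events += [(t0 + timedelta(seconds=2 * i), "198.51.100.9", "alice") for i in range(8)]
    # One source trying a different account each time: credential stuffing.
    events += [(t0 + timedelta(seconds=3 * i), "203.0.113.7", f"user{i}") for i in range(8)]
    # A user who mistypes a password now and then over an hour: should not alert.
    events += [(t0 + timedelta(minutes=12 * i), "192.0.2.44", "bob") for i in range(6)]
    return events

def classify_sources(events, window=timedelta(minutes=5), threshold=5):
    """Label each source IP by its failed logins inside a sliding time window."""
    by_ip = defaultdict(list)
    for ts, ip, user in sorted(events):
        by_ip[ip].append((ts, user))
    verdicts = {}
    for ip, fails in by_ip.items():
        verdicts[ip] = "normal"
        start = 0
        for end in range(len(fails)):
            # Drop failures that have aged out of the window.
            while fails[end][0] - fails[start][0] > window:
                start += 1
            users = Counter(user for _, user in fails[start:end + 1])
            if len(users) >= threshold:
                verdicts[ip] = "credential-stuffing"
                break
            if max(users.values()) >= threshold:
                verdicts[ip] = "password-guessing"
                break
    return verdicts

if __name__ == "__main__":
    for ip, verdict in sorted(classify_sources(sample_events()).items()):
        print(ip, verdict)
```

The two verdicts call for different responses: lockout or throttling on the targeted account for password guessing, and rate limiting or blocking of the source for credential stuffing.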

Conclusion

The RockYou2024 password breach has exposed how vulnerable internet users are to threat actors, and how important cybersecurity is in a world where almost everyone now conducts their business online. Nearly 10 billion accounts were compromised, raising the risk of credential stuffing and brute-force attacks. Organizations and individuals are encouraged to implement strong passwords, regularly change passwords, use password managers, and provide training on best password policies and cyber security threats. According to Cybernews, data from RockYou2024 is going to be included in the Leaked Password Checker, which will allow anyone to check if their credentials were breached via the latest record-holding exposed password compilation. Internet users are encouraged to take up mitigation strategies to protect themselves from online attacks like brute force.

RockYou2024 is the second record-breaking compilation leaked online in 2024. The importance of cybersecurity was already emphasised earlier this year, when hackers leaked the Mother of All Breaches (MOAB), which comprised a shocking 12 terabytes of data made up of 26 billion records of compromised data.
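
A service can apply the same kind of check at sign-up by screening new passwords against a leaked list. The added example below is not Cybernews's code and not from the original post; the hash-prefix lookup, in which only the first five characters of the hash are sent to the list holder, is an assumed design, and the leaked list is a tiny constructed stand-in.

```python
import hashlib
from collections import defaultdict

# Constructed stand-in for a leaked-password compilation (a real one has billions of lines).
LEAKED = ["123456", "password", "qwerty123", "iloveyou", "letmein2024"]

def sha1_hex(password):
    # SHA-1 is used here only as a lookup key, never for storing passwords.
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def build_index(passwords, prefix_len=5):
    """List holder: bucket each hash by its first prefix_len hex characters."""
    index = defaultdict(set)
    for pw in passwords:
        digest = sha1_hex(pw)
        index[digest[:prefix_len]].add(digest[prefix_len:])
    return index

def range_query(index, prefix):
    """List holder: return every suffix in the bucket; it never sees the full hash."""
    return sorted(index.get(prefix, ()))

def is_leaked(password, index, prefix_len=5):
    """Client: send only the prefix, then compare the returned suffixes locally."""
    digest = sha1_hex(password)
    return digest[prefix_len:] in range_query(index, digest[:prefix_len])

def check_new_password(password, index, min_length=11):
    """Sign-up check: the 'more than 10 characters' rule plus leaked-list screening."""
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    if is_leaked(password, index):
        problems.append("appears in leaked list")
    return problems

if __name__ == "__main__":
    idx = build_index(LEAKED)
    for candidate in ["123456", "letmein2024", "correct horse battery staple"]:
        print(repr(candidate), check_new_password(candidate, idx) or "ok")
```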
