this post was submitted on 19 Jun 2025
148 points (87.4% liked)

Technology

72224 readers
3389 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] A_norny_mousse@feddit.org 24 points 1 week ago (2 children)

I couldn't find in the article a list of all platforms affected, only this:

billions of login credentials from social media, VPNs, developer portals and user accounts for all the major vendors.

Since I don't use the big three, I'd be really interested to see a list, before I go through every online account I ever created with a throwaway email.

[–] drspod@lemmy.ml 23 points 1 week ago (1 children)

This article is about credentials that are stolen directly from users' devices that are compromised with malware. So they will be that user's passwords for whatever services they were using while infected with the malware. This is why the dumps contain passwords for just about every online service that exists.

This isn't an actual database breach of the major providers.

[–] A_norny_mousse@feddit.org 6 points 1 week ago (1 children)

Thanks for clarifying. Still, does this affect every "device" user out there? There must be some sort of explanation here, what's the attack vector etc. I couldn't find it even on that Lithuanian guy's website.

[–] drspod@lemmy.ml 6 points 1 week ago (1 children)

This forbes blog is about this article:

https://cybernews.com/security/billions-credentials-exposed-infostealers-data-leak/

The only silver lining here is that all of the datasets were exposed only briefly: long enough for researchers to uncover them, but not long enough to find who was controlling vast amounts of data. Most of the datasets were temporarily accessible through unsecured Elasticsearch or object storage instances.

So there isn't really an explanation other than "somebody collected these somehow and left the data unsecured."

The attack vector for infostealer malware is usually social engineering, getting unwary users to download infected trojanized software via phishing and malvertising etc.

If you follow security news, you will see articles about infostealer malware campaigns all the time.

https://www.theregister.com/2025/06/18/minecraft_mod_malware/

https://thehackernews.com/2025/06/malicious-pypi-package-masquerades-as.html

https://thehackernews.com/2025/06/rust-based-myth-stealer-malware-spread.html

https://thehackernews.com/2025/05/eddiestealer-malware-uses-clickfix.html

[–] Geodad@lemmy.world 4 points 1 week ago

Oh, so I'm probably safe.

I don't do mainstream social media, and I don't answer phone calls, texts, or emails from unknown sources.

Mama told me not to talk to strangers, and I took that into the digital age.

[–] sickday@fedia.io 4 points 1 week ago

Yeah the closest to listing off affected services was this:

The information contained, the researchers stated, open the door to “pretty much any online service imaginable, from Apple, Facebook, and Google, to GitHub, Telegram, and various government services.”

Which doesn't say very much :s. If you don't use any of these big online services and use a locally managed password manager I'd wager you're fine.