Tag: stealer
-
Inside the Synthient Threat Data
Inside the Synthient Threat Data Where is your data on the internet? I mean, outside the places you’ve consciously provided it, where has it now flowed to and is being used and abused in ways you’ve never expected? The truth is that once the bad guys have your data, it often replicates over and over…
-
We’re Backfilling and Cleaning Stealer Logs in Have I Been Pwned
We’re Backfilling and Cleaning Stealer Logs in Have I Been Pwned I think I’ve finally caught my breath after dealing with those 23 billion rows of stealer logs last week. That was a bit intense, as is usually the way after any large incident goes into HIBP. But the confusing nature of stealer logs coupled…
-
Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs
Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs I like to start long blog posts with a tl;dr, so here it is: We’ve ingested a corpus of 1.5TB worth of stealer logs known as “ALIEN TXTBASE” into Have I Been Pwned. They contain 23 billion rows with 493 million unique website and email address…
-
Experimenting with Stealer Logs in Have I Been Pwned
Experimenting with Stealer Logs in Have I Been Pwned TL;DR — Email addresses in stealer logs can now be queried in HIBP to discover which websites they’ve had credentials exposed against. Individuals can see this by verifying their address using the notification service and organisations monitoring domains can pull a list back via a new API.…