Tech giant, Google is digging into the dark corners of the web to better secure people’s accounts. Looking at cybercriminal black markets and public forums, the company found millions of usernames and passwords stolen directly through hacking.
Google published its research, conducted between March 2016 and March 2017 last week and It also uncovered billions usernames and passwords indirectly exposed in third-party data breaches. For one year, Google researchers investigated the different ways hackers steal personal information and take over Google accounts.
Focusing exclusively on Google accounts and in partnership with the University of California, Berkeley, researchers created an automated system to scan public websites and criminal forums for stolen credentials. The group also investigated over 25,000 criminal hacking tools, which it received from undisclosed sources. Google said it is the first study taking a long term and comprehensive look at how criminals steal your data, and what tools are most popular.
Kurt Thomas, security researcher at Google said, ‘one of the interesting things [we found] was the sheer scale of information on individuals that’s out there and accessible to hijackers’.
Google said it is sharing its latest findings so other companies can also implement better protections to guard against account hijacking.