The world’s largest compilation of passwords to be leaked online has been discovered by a research team at Cybernews, containing 9,948,575,739 unique plaintext entries. The credentials were discovered in a file named “rockyou2024.txt” that was posted on a popular hacking forum on July 4, 2024.
Many of the so-called RockYou2024 passwords have already been leaked in previous data breaches. This is not the first RockYou data dump either, as the name has been associated with a number of large-scale password leaks since 2009.
The user who posted RockYou2024, who has the username “ObamaCare,” has been responsible for multiple data dumps since creating their account in May 2024. They have shared an employee database from law firm Simmons & Simmons, a lead from online casino AskGamblers and student applications for Rowan College at Burlington County in New Jersey.
RockYou is a defunct social application site and, in 2009, more than 32 million of its users’ account details were exposed after a hacker got hold of the plaintext file where they had been stored. In June 2021, another text file was posted named “rockyou2021.txt.” This 100GB file contained 8.4 billion passwords, making it the largest ever password dump at the time.
Downloading this new Mac browser could leave you with a nasty malware infection — don’t fall for this
Hackers are once again using the new Arc browser as a lure in their attacks
If you’re tired of Safari and are thinking of switching browsers, you need to be extra careful as hackers are using fake ads to infect the best MacBooks with info-stealing malware.
The fake version of the Arc browser is a malicious software disguised as the legitimate Arc browser. Here's how you might encounter it and what to be aware of:
- Malicious Google Ads: Cybercriminals are creating fake Google ads that appear when users search for the Arc browser. These ads often appear at the top of search results and can be difficult to distinguish from legitimate results.
- Lookalike Domains: The fake Arc browser is distributed through websites with domain names similar to the official Arc.net, such as airci.net or arilic.net
These sites may look identical to the official Arc website. - Trojanized Installer: The fake version typically comes as a .dmg file for Mac or an .exe file for Windows. It may contain a Trojan horse or other malware.
- Malware Payload: If installed, the fake Arc browser can act as an info-stealer, gathering sensitive data like passwords and wallet information.
- AppleScript Component: In some Mac versions, the malware uses an AppleScript payload to execute its malicious functions.
To avoid getting the fake version:
- Always download the Arc browser directly from the official website (arc.net).
- Be cautious of sponsored search results and ads, especially those appearing at the top of search engine results.
- Verify the website URL before downloading any software.
- Use reputable antivirus software and keep it updated.
- Be skeptical of any Arc browser installers for Windows, as the official Windows version was only recently released in beta.
Remember, if an offer or download seems too good to be true or comes from an unexpected source, it's best to err on the side of caution and verify its legitimacy before proceeding.
This is a Myth.
While it is true that Apple computers, like any other computer system, are not completely immune to viruses and malware, they are generally considered to be more secure than Windows-based computers. There are several reasons for this:
-
Market Share: Windows operating systems have historically been more popular and have a larger market share than Apple's macOS. Since most viruses and malware are designed to target the largest number of potential victims, Windows has been the primary target for attackers. However, as the popularity of Apple computers continues to grow, they are increasingly becoming a target for malware authors.
According to the 2021 Cybersecurity Report by Cybersecurity Ventures, the annual cost of cybercrime is estimated to be 6 trillion dollars worldwide.
This includes both direct and indirect costs such as lost revenue, recovery costs, and the cost of increased cybersecurity measures.