The FBI appears to be closing in on the identity of a man linked to the biggest data theft ever recorded.
The hacker, known on underground forums as ‘mr grey’, was spotted advertising online that he had access to Facebook and Twitter accounts, the Feds said in court documents seen by Reuters.
The agency managed to identify him through a Russian email address, thanks to information provided by the cybersecurity company that first revealed the huge data heist back in August 2014.
The court papers in question were apparently filed in support of an FBI search warrant in December that year.
Mr grey apparently claimed on underground hacking forums that he had account information for users of Facebook, Twitter and the Russian social network VK.
Milwaukee-based Hold Security shocked the world when it revealed in summer 2014 that a Russian cybercrime gang had stockpiled a treasure trove of 1.2 billion password and username combinations and more than 500 million email addresses.
The access credentials seemed to come from a wide range of sites, from Fortune 500 companies to small businesses all over the world.
It appeared at the time as if the gang was monetizing the haul by sending out mass spam emails.
The breached sites are said to have been compromised through a simple SQL injection attack—the same vulnerability which it is believed allowed hackers to breach TalkTalk last month.
Hold Security claimed at the time that the Russian gang had effectively ‘audited the internet’ for vulnerable sites with bots before returning to compromise the ones with poor security.
The vendor’s founder, Alex Holden, told the New York Times that the gang came from a small city in southern Russia, and consisted of fewer than a dozen men in their early 20s, who had been ramping up their attack activity over the previous three years.