According to Trustwave, hackers installed keylogging software on approximately 2 million computers and have been capturing login information for over a month. Trustwave was able to track down at least one of the servers storing the login credentials in the Netherlands, but other servers still exist that have not been located yet. On the Netherlands server they found passwords for:
- 70,000 Gmail accounts
- 60,000 Yahoo accounts
- 318,000 Facebook accounts
- 22,000 Twitter accounts
- 8,000 LinkedIn accounts
ADP accounts were also compromised which means the hackers had access to sensitive information payroll personnel use to issue paychecks. Also included in the compromised information found on the Netherlands server was 41,000 FTP credentials and 6,000 RDP logins.
While security experts don’t yet know how the virus got onto infected computers, they recommend insuring your anti-virus software is up to date, as well as the latest version of your web browser and popular plugins for browsers such as Java and Adobe Flash. Once that is completed you should then update your passwords and make sure they are secure. That means capital letters, small letters, numbers and symbols should be in your password, and ideally your password should at least be between 12-16 characters in total. (Can’t remember your passwords for different accounts? Use a password keeper!)