Hackers released the passwords of over 70 million Chinese internet accounts


In China, we have the biggest number of people on internet in the world.
But unfortunately our security technology is too bad to support this number one.

In these days, from Dec. 21st to 26th, some hackers have released the passwords of over 70 million Chinese internet accounts. Because most people just have one accounts, so that means over 70 million people have been leaked. Compare with our population, about 5%.

Because some hackers released the users' information of many Chinese famous websites' databases, including the usernames, passwords, email addresses and phone numbers etc. It was not very difficult to find those files and download them, I have downloaded most of them.

But what made me most surprise was almost every people around me, they didn't know this happened, some of them knew that but didn't believe until I showed them their own passwords.

I think this is very dangerous, because hackers just put the passwords in public, so anyone who wants to do some evil things, they have a lot of methods. And because most people use same passwords and same user names for all websites, so that's very easy to find out and get more information from other places like email, IM software and some eCommerce websites. What they have leaked, not only the passwords of those websites.

I don't know whether this is a big news in other foreign countries, but in China, I think it will be bigger after many people are hurt.

The websites which leaked the passwords I have confirmed were:
Facebook-like service - renren.com - 4,768,600
Leading IT development website - csdn.net - 6,428,632
Twitter-like service - webo.com - 4,765,895
The biggest Chinese online community website - tianya.cn - 31,761,424
Popular online game community website - 17173.com - 18,333,776
Popular online game community website - duowan.com - 8,305,005
Popular online game community website - uuu9.com - 5,577,553
Other common websites -16,144,539 total

In the future may have more passwords leaked, now it's over 70 million. It's really a very huge number!

And from my opinion, they are not just the hackers' faults. Because most of those websites are using unencrypted passwords in the databases. That's why hackers can easily get users' passwords, if they put the passwords into database with MD5, hash or own-created algorithm, hackers can not get them so easily.

I even felt angry about the csdn.net, as the leading IT development website in China, so many developers talk about the technologies on it, but it is also using unencrypted passwords like other websites in databases, really really shit!! Unforgivable! This is why when I saw their official apology to users I felt worse than before. I've given up it.

If you are a foreign visitor on my blog, any questions you can just ask me, I'd like to tell you what I know.

, , ,

  1. #1 by nayifu on December 27, 2011 - 12:46 am

    Don't be stupid!
    The passwords must be emmited by the GOV member!

    • #2 by mcsrainbow on December 27, 2011 - 12:59 am

      Sorry, what's the meaning of "emmited" in your comment?

  2. #3 by mcsrainbow on December 27, 2011 - 3:52 pm

    Now the number of passwords leaked in public is about 100 million.

  3. #4 by kut on January 3, 2012 - 1:31 am

    I don't belive this. Which websites dare to allow to download such files?

    • #5 by mcsrainbow on January 4, 2012 - 12:12 pm

      No websites, just some resource links of P2P software, but they only can survive for 1-2 days.
      I have downloaded the files which contain over 70 million passwords, and I kept them as my collections.
      I think it's very normal that you don't believe this, because many Chinese people around me, they didn't believe either .

      • #6 by magodo on August 30, 2015 - 11:41 pm

        Hello mcsrainbow. I am urgently seeking such collections for my wifi cracker. I just moved to a new place and want to have network. Thanks in anticipation!

  4. #7 by Cyber Sleuth on March 7, 2012 - 2:16 pm

    Hi Mate, Can you plz share databases with me? I missed them. Send me email

    • #8 by mcsrainbow on March 9, 2012 - 5:03 pm

      They take me 2GB disk space, how could I send you via email?

      • #9 by noone on June 9, 2016 - 6:12 am

        Upload it to Mega.nz

(will not be published)

*


Fork me on GitHub