1.2 billion shades of grey: FBI links hacker to 1.2 billion stolen web credentials

Thomas McMullan Read more November 25, 2015

A hacker known as “mr.grey” has been linked, via a Russian email address, to a staggering 1.2 billion stolen internet credentials, the FBI has revealed in court documents.

1.2 billion shades of grey: FBI links hacker to 1.2 billion stolen web credentials

Reuters has reported that information on the hacker came after US officials got a tip last year from Hold Security, a cyber security firm, which uncovered that a Russian hacking group going by the name of CyberVor was responsible for breaching 1.2 billion login details along with over 500 million email addresses.

An FBI investigation was subsequently launched, and authorities were able to find lists of utilities and domain names used to send spam. Amongst the spam utilities was an email address, registered in 2010, for a certain “mistergrey”. A search of Russian hacking forums then led the FBI to a user called “mr.grey”, who posted in 2011 touting account info for Facebook, Twitter and the Russian social network, VK.

Hold Security’s chief information security officer, Alex Holden, told Reuters that he believes the 2011 message proves the hacker, or group of hackers, has access to a large database of stolen data. Facebook, Twitter, the FBI and the US Justice Department have all declined to comment. We’ll, of course, bring you more information when it becomes available.

News of the hacker comes in the wake of a series of high-profile data breaches. In October, information relating to 15 million T-Mobile users was leaked, in July a breach of affair-dating site Ashley Madison left 37 millions account compromised and, prior to this, an attack on the US Office of Personnel Management (OPM) left the personal information of 21.5 million people at risk.