Skip to main content

Thursday Threat Report: CryptoLocker cured, the biggest data heist ever, and Yahoo serving up ransomware in ads

Welcome to ITProPortal's Thursday Threat Report, where we round up the three greatest security threats facing Internet users, smooth-running enterprise, and occasionally even the survival of the world as we know it. Hold onto your hats - things are about to get scary.


A Russian criminal gang has pulled off the biggest online data heist ever, lifting 1.2 billion usernames and passwords belonging to more than 500 million email addresses. This is the largest cache of stolen data ever found.

The nameless gang has been dubbed "CyberVor", after the Russian word "vor", meaning "thief" by Hold Security, the company responsible for discovering their nefarious doings.

The CyberVor gang amassed a huge database of over 4.5 billion records, mostly consisting of stolen credentials. 1.2 billion of these credentials appear to be unique, complete pairs of usernames and passwords belonging to over half a billion e-mail addresses around the world.


It's not often we report good news on the Thursday Threat Report, but if you're one of the 500,000 victims hit by the CryptoLocker ransomware blight that swept the UK over the past year, your luck might be about to turn. A new tool developed by security experts FireEye and Fox-IT has cracked the cryptolocker curse, and made it finally possible to remove the nasty virus from your infected machines.

The new tool is simple. Users simply have to provide your email address and an encrypted file that has been encrypted by CryptoLocker.

Developmentally challenged

If you're a Mozilla developer, watch out! Mozilla has made a faux pas on the security front, with the browser maker accidentally leaking the email addresses of no less than 76,000 developers.

This actually happened beginning on 23 June, when a "data sanitisation"process of the Mozilla Developer Network (MDN) site database started failing, and did so for a month without being noticed. The problem was spotted by a Mozilla web developer 11 days ago, and since then, the company has been investigating the issue before making an announcement.

Yahoo've got to be kidding

It recently emerged that Yahoo's advertising platform has been the target of an ambitious and insidious attack, which leveraged the popular online advertising platform in order to deliver a particularly nasty piece of ransomware.

In these so-called "malvertising" attacks, cyber criminals gain legitimacy for their ad servers within ad network, and then use the trust they've gained to serve malicious ads to high-profile sites.