Security News > 2021 > January > Hacker blunder leaves stolen passwords exposed via Google search
Hackers hitting thousands of organizations worldwide in a massive phishing campaign forgot to protect their loot and let Google index the stolen passwords for public searches.
The phishing campaign has been running for more than half a year and uses dozens of domains that host the phishing pages.
Researchers at cybersecurity companies Check Point and Otorio analyzing this campaign discovered that the hackers exposed the stolen credentials to the public internet.
Researchers at the two cybersecurity companies say that the attackers also compromised legitimate WordPress servers to host the malicious PHP page delivered to victims.
The attackers used several phishing email themes to lure potential victims into loading the landing page that collected their Microsoft Office 365 username and password.
While Google indexing hackers' pages where they save stolen data is not a first, it shows that not all malicious actors are sufficiently skilled to protect their operations.
News URL
Related news
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- Hackers use Google Search ads to steal Google Ads accounts (source)
- Google says hackers abuse Gemini AI to empower their attacks (source)
- Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores (source)