Hacker blunder leaves stolen passwords exposed via Google search
Hackers hitting thousands of organizations worldwide in a massive phishing campaign forgot to protect their loot and let Google index the stolen passwords for public searches.
The phishing campaign has been running for more than half a year and uses dozens of domains that host the phishing pages.
Researchers at cybersecurity companies Check Point and Otorio analyzing this campaign discovered that the hackers exposed the stolen credentials to the public internet.
Researchers at the two cybersecurity companies say that the attackers also compromised legitimate WordPress servers to host the malicious PHP page delivered to victims.
The attackers used several phishing email themes to lure potential victims into loading the landing page that collected their Microsoft Office 365 username and password.
While this is not the first time Google has indexed pages where hackers save stolen data, it shows that not all malicious actors are sufficiently skilled to protect their operations.