THE US FEDERAL BUREAU OF INVESTIGATION (FBI) has linked a hacker to the theft of 1.2 billion internet credentials uncovered in August last year.
Court documents made public last week, and seen by Reuters, name a mysterious force called 'mr.grey' as the hacker, or group of hackers, behind last year's attack, which is regarded as the biggest cyber heist to date.
The FBI was able to link the stolen credentials to the hacker using a Russian email address, according to the documents. The address was registered to 'mistergrey', and was found buried in the spam utilities that were used to bombard compromised email accounts.
A search of Russian hacking forums then led the FBI to a user called 'mr.grey', who posted in 2011 that he had account info for Facebook, Twitter and Russian social network VK.
Alex Holden, chief information security officer at Milwaukee-based Hold Security, told Reuters that he believes the 2011 message proves that the hacker, or hackers, has access to a large database of stolen data. Facebook and Twitter declined to comment.
The FBI investigation followed last year's announcement by Hold Security that it had obtained information that a Russian hacker group it dubbed CyberVor had stolen the 1.2 billion credentials and more than 500 million email addresses.
Hold Security also revealed that the hacking group grabbed 4.5 billion username and password combinations, although many were reported to have been duplicates.
Victims of the theft were not named at the time, but the security firm said that the list included Fortune 500 organisations and websites ranging from household names to small businesses located all over the world.
Malwarebytes intelligence analyst Chris Boyd told The INQUIRER at the time of the hack that users should change their web credentials, but otherwise chill out about the whole thing.
"With zero information out there to go on, all we can say is to change your log-ins if you feel you must, but don't do it out of any sense of panic or impending doom," he said.
"If this attack really is this wide-reaching, surely some of this information will come out in the wash eventually. With 1.2 billion passwords supposedly taken, it would be impossible for it not to." µ