26 million logins believed to be stolen from LiveJournal in 2017 pop up on hacker forum

Best change any recycled credentials from your blogging days


Russian-owned blogging service LiveJournal has reportedly suffered a hack affecting 26 million user accounts.

According to the reliable Troy Hunt's Have I Been Pwned? service, the incident occurred at some point in 2017. One year later a forked spinoff of LiveJournal called Dreamwidth began noticing credential-stuffing attacks.

Around 26 million "unique" usernames, email addresses and passwords are said to have been stolen from LiveJournal and ended up circulating cybercrime forums.

A lengthy statement from Dreamwidth itself, published yesterday, alleged that stolen data was being used in a fresh round of seemingly successful account compromise attempts.

Beginning in March of 2020, and again in May of 2020, we saw several instances of Dreamwidth accounts being broken into and used for spam. We believed at the time, and continue to believe, that the source of the password information being used to break into these accounts is the same black-market file that claims to be LiveJournal password data.

"We have no way to tell for sure whether LiveJournal has actually had a data breach," the forked platform added, advising: "It's best if you treat any password you've ever used on LiveJournal in the past as compromised, since we can't tell for certain when the alleged breach happened."

LiveJournal was big in the mid-2000s as a spiritual successor to Myspace, itself the second generation along from Geocities and the UX design instincts of teens who had recently discovered the <strike> tag and CSS.

The Register was unable to reach LiveJournal for comment.

The site has all but faded out of the popular consciousness, though in 2017 it was sued for alleged copyright infringement after moderators posted photos on a user-created group, and then ran ads next to them. A year before that, infosec researchers found the notorious Angler exploit kit circulating on the site. ®


Other stories you might like

  • It's the flu season – FluBot, that is: Surge of info-stealing Android malware detected

    And a bunch of bank-account-raiding trojans also identified

    FluBot, a family of Android malware, is circulating again via SMS messaging, according to authorities in Finland.

    The Nordic country's National Cyber Security Center (NCSC-FI) lately warned that scam messages written in Finnish are being sent in the hope that recipients will click the included link to a website that requests permission to install an application that's malicious.

    "The messages are written in Finnish," the NCSC-FI explained. "They are written without Scandinavian letters (å, ä and ö) and include, for example, the characters +, /, &, % and @ in illogical places in the text to make it more difficult for telecommunications operators to filter the messages. The theme of the text may be that the recipient has received a voicemail message or a message from their mobile operator."

    Continue reading
  • AsmREPL: Wing your way through x86-64 assembly language

    Assemblers unite

    Ruby developer and internet japester Aaron Patterson has published a REPL for 64-bit x86 assembly language, enabling interactive coding in the lowest-level language of all.

    REPL stands for "read-evaluate-print loop", and REPLs were first seen in Lisp development environments such as Lisp Machines. They allow incremental development: programmers can write code on the fly, entering expressions or blocks of code, having them evaluated – executed – immediately, and the results printed out. This was viable because of the way Lisp blurred the lines between interpreted and compiled languages; these days, they're a standard feature of most scripting languages.

    Patterson has previously offered ground-breaking developer productivity enhancements such as an analogue terminal bell and performance-enhancing firmware for the Stack Overflow keyboard. This only has Ctrl, C, and V keys for extra-easy copy-pasting, but Patterson's firmware removes the tedious need to hold control.

    Continue reading
  • Microsoft adds Buy Now, Pay Later financing option to Edge – and everyone hates it

    There's always Use Another Browser

    As the festive season approaches, Microsoft has decided to add "Buy Now, Pay Later" financing options to its Edge browser in the US.

    The feature turned up in recent weeks, first in beta and canary before it was made available "by default" to all users of Microsoft Edge version 96.

    The Buy Now Pay Later (BNPL) option pops up at the browser level (rather than on checkout at an ecommerce site) and permits users to split any purchase between $35 and $1,000 made via Edge into four instalments spread over six weeks.

    Continue reading

Biting the hand that feeds IT © 1998–2021