A lot of people are changing their Gmail passwords since the news on 5 million Gmail passwords leaked widely spread all over the internet today. According to the new, the user “Tvskit” posted the zip file with the following screenshots in Russion Bitcoin forum.
Some sources said that the passwords in that file are 60% accurate but old passwords. I followed a few links to get the zip files from different source (including the original btcsec website) and extracted them on a VM. Here is the list of links that I downloaded the files. (Note: I intentionally didn’t link them from my blog. )
If you are planning to download those files from those websites that I posted in screenshot and the size are the same, don’t bother downloading it. Because those files don’t contain any password and it’s just the list of user names. (4929083 accounts in totals)
A user “cDull” from reddits also shared what they think about what happened as below in this post “5 Millions of “Gmail” passwords leaked [RUS], most likely it’s a compilation of passwords from other sites”
That is pretty smart of you, and there are many others that had same idea. Just do a grep for ‘+’ in the gmail account dump and you see a lot of eharmony, filedrop, friendster, bravenet, bioware, savage, xtube, and others if you do the command below. There might be more than 20 different website references in there. This is definitely a compilation and a bunch of bullshit FUD.
grep '+' google_5000000.txt | cut -d+ -f2 | cut -d@ -f1 | sort | uniq -c | sort -h | tail -n 21 18 bravenet 18 filesavr 19 policeauctions 25 4 27 eh 28 3 32 freebiejeebies 40 hon 51 bryce 52 savage2 54 bioware 57 spam 60 2 62 savage 63 friendster 64 eharmony 66 daz3d 88 filedropper 125 1 132 daz 176 xtube
If you managed to get the file then don’t forget to use a VM before extracting the file. Of course, you have the file with passwords then let me know..