Wednesday, June 06, 2012

Confirmed: LinkedIn 6mil password dump is real

Today's news is that 6 million LinkedIn password hashes were dumped to the Internet. I can confirm this hack is real: the password I use for LinkedIn is in that list. I use that password NOWHERE ELSE. Furthermore, it's long/complex enough that I'm confident NOBODY ELSE uses the same password. Other security pros are reporting the same result. Therefore, we can confirm that this hack is real.

The way I tested to see if my password was in the list was to first generate a SHA-1 hash of my password, then I searched in the file "combo_not.txt" that I downloaded from the Internet containing the 6 million password hashes. I found a match.

To make it easy to calculate the SHA-1 hash of your password, I've included a form below. This is done in JavaScript inside your browser; it does not submit your password or hash to me or anybody else:

[SHA-1 form: Enter any message to check its SHA-1 hash]
Note: the SHA-1 hash of 'abc' should be: a9993e364706816aba3e25717850c26c9cd0d89d

Many of the hashes have their first few digits zeroed out (as described in this ycombinator post), as shown in this excerpt from the file:

...
000000a9da36caf22886a0203caa29e7d2631174
000000a9d9ccfdca4d241e44d415c15dba0b4c28
000000a9298b1bfc8d1237d6f3995b2d2625ce3a
000000a92ee7725afdcac707d22e2333531f9e51
000000a92dbec5cff02bfa678a0f7a78b6a46573
323300a988286c019e2dcc3100b355557257f632
923b00a9574dd89143cde9db87871890a1082bc2
3c4400a900d31c9634e355e18975f8cfe710ab7d
354b00a96d36f0c48d0c286b29120f8409e3bde1
405700a93eac557d85d2f1347db8f9a312557fc8
...
This means that instead of searching for the complete SHA-1 output, you want to search for just the later part of the hash. People think this means that the hacker has already cracked any passwords that have been zeroed out this way, so if you see zeroes at the start of your matching hash, your password is already stolen.

Also note that if your password is long enough (like greater than 15 characters) and complex enough, then it's still probably safe. A 15-character password hashed with SHA-1 and composed of upper/lower case letters, digits and symbols is too large a search space for "brute force" and "rainbow tables". However, if you've composed it of dictionary words, then it could fall to a "mutated dictionary" attack.

Update: the following link is a pointer to a download of the file, which by the time you read this has almost certainly been removed: https://disk.yandex.net/disk/public/?hash=pCAcIfV7wxXCL/YPhObEEH5u5PKPlp%2BmuGtgOEptAS4%3D

Update: This is a sorted list of unique passwords. Thus, if 50 people use the password "password", it'll only show up once in this list. Which it does. The password of "password" is hashed using SHA-1 to "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8", which appears as "000001e4c9b93f3f0682250b6cf8331b7ee68fd8" in this list.
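The lookup described above (hash locally, then match on the part of the hash after the zeroed-out prefix so that masked entries still hit), written out as an added Python example; this is not code from the post. The sample dump is constructed from the excerpt and the masked "password" hash quoted above, plus the unmasked SHA-1 of "abc" so that both kinds of match are exercised.

```python
import hashlib

MASK_LEN = 5  # number of leading hex digits the dump replaces with zeros

# Constructed sample in the dump's format: lines from the post's excerpt,
# the masked hash of "password" quoted in the post, and (constructed) the
# unmasked SHA-1 of "abc" so that the "full" case is exercised too.
SAMPLE_DUMP = """\
000000a9da36caf22886a0203caa29e7d2631174
000000a9d9ccfdca4d241e44d415c15dba0b4c28
000001e4c9b93f3f0682250b6cf8331b7ee68fd8
323300a988286c019e2dcc3100b355557257f632
923b00a9574dd89143cde9db87871890a1082bc2
a9993e364706816aba3e25717850c26c9cd0d89d
"""


def load_dump(text):
    """Index the dump by the last 35 hex digits of each hash.

    Value: the set of 5-digit prefixes seen for that suffix ("00000" means
    the entry appeared in masked form, i.e. reportedly already cracked).
    """
    index = {}
    for line in text.splitlines():
        h = line.strip().lower()
        if len(h) != 40 or any(c not in "0123456789abcdef" for c in h):
            continue  # skip blank or malformed lines
        index.setdefault(h[MASK_LEN:], set()).add(h[:MASK_LEN])
    return index


def check_password(password, index):
    """Hash a candidate locally (plain unsalted SHA-1, as the dump uses) and
    report "masked", "full" or None. Only the suffix is looked up, so masked
    entries still match; the real prefix is required for an unmasked hit."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest()
    prefixes = index.get(digest[MASK_LEN:])
    if not prefixes:
        return None
    if "0" * MASK_LEN in prefixes:
        return "masked"
    if digest[:MASK_LEN] in prefixes:
        return "full"
    return None  # suffix collision with a different hash: not a match


if __name__ == "__main__":
    idx = load_dump(SAMPLE_DUMP)
    for pw in ("password", "abc", "correct horse battery staple"):
        print(pw, "->", check_password(pw, idx))
```

A hash whose genuine first five digits happen to be zero is indistinguishable from a masked one in this format, so it is reported as "masked"; with 16^5 possible prefixes that is rare but not impossible.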

Update: Where do these passwords come from? The answer is: the cracking underground. When hackers break into a network and steal the hashed passwords, they crack as many as they can, and then exchange the dumps with their friends. Each hacker uses different tools, different dictionaries, and so on. Thus, once one of them has exhausted their techniques, another hacker is still likely to be able to crack many more passwords.

Update: It took me only a couple minutes to verify that this hack is real, yet LinkedIn has not been able to:

This reflects poorly on the trustworthiness of LinkedIn. It's proper to make such a comment before you know what's going on, but they've had hours to verify this; we should've gotten an update by now.
Update: LinkedIn has a semi-confirmation, as explained in their blog post here. However, it only says they confirm that some of the passwords that were compromised correspond to LinkedIn accounts. That avoids accepting blame: in other prominent password attacks (like one recently against Twitter), the source of the hack was not Twitter's fault but "password reuse", as users used the same password for Twitter that they used for other websites, and it was those other websites that were hacked. As I (and other security pros) have confirmed, we don't reuse passwords. This password list comes from LinkedIn, and from no other source.

Update: How fast can hackers crack passwords? The answer is "2 billion per second" using the Radeon HD 7970 (the latest top-of-the-line graphics processor). Each letter of a password has 100 combinations (UPPER, lower, d1g1ts, $ymbols). A 5-letter password therefore has 100 x 100 x 100 x 100 x 100 or 10 billion combinations, meaning it can be cracked in 5 seconds. A 6-letter password has 100 times that, or 500 seconds. A 7-letter password has 100 times that, or 50,000 seconds, or 13 hours. An 8-character password is roughly 57 days. A 9-character password is 100 times that, about 15 years. In other words, if your password was 7 letters, the hacker has already cracked it, but if it's 9 letters, it's too difficult to crack with brute force.

Update: A site http://leakedin.org will check this for you. They claim to hash the password in the browser (like I do above), then check it against the database. I don't know if this is true -- but since you are going to change your password regardless, maybe it doesn't matter.

Update: What does password cracking look like? I started the "hashcat" tool to examine the file. It looks like this:

I'm using the latest Radeon HD 7970 graphics card. Note that I'm only getting a cracking rate of 400-million passwords/second, while the 7970 can actually do 2-billion/second. That's because I'm doing "multi-hash" cracking, testing each hash against the entire original list of 6.5 million hashes. That lookup takes longer than calculating the hash in the first place. I can dramatically increase hashing speed by first removing all the easily cracked passwords from the list, making it smaller, and hence making lookups faster.

43 comments:

  1. Anonymous 1:00 PM

    Use salted hashes, morons! http://en.m.wikipedia.org/wiki/Salted_hash

  2. Anonymous 1:00 PM

    Do we know if the login/password information was also extracted/published?

  3. Anonymous 1:03 PM

    Is it possible that the .ZIP log file with all passwords is infected with some kind of virus or something?

    Thank you for the warning.

    - Cheers!

  4. Anonymous 1:03 PM

    Thanks for the tips, your blog has been linked to by many different news sites.
    Greetz

    Pim

  5. Anonymous 1:29 PM

    I'm curious whether my password is among those compromised, but I don't really want to go searching shady sites for the list.

    Suggestion: maybe you (someone) could host a JS form that tests a password/hash against your copy of the list and returns a yes/no on whether the password was found?

  6. Anonymous 1:35 PM

    OK, I'm convinced!!!
    The hash of my password was in the file!
    Creeps!

    Thanks for the heads-up and a method to verify my being hacked.

  7. Anonymous 1:45 PM

    Uh. If you think your password is compromised, but don't know, the last thing I would do is go putting your password into someone's random web site where it can be collected.

    The right answer is to immediately change your password. Preferably to something with enough bits that it won't be broken trivially. I suggest 22 characters or so. This isn't so bad, since you can actually use dictionary words if you have a password that long and it won't be trivial to use a dictionary attack on.
  8. Anonymous 1:48 PM

    I checked for my password in the file and it wasn't there. However, I also didn't fall for the tons of phishing attempts that were going around corporate America the past 2 weeks.

  9. Anonymous 1:55 PM

    My current LinkedIn password is not on that list, however, a "low-security" password (two dictionary words separated by a digit) that I have used at various untrustworthy websites was in fact on the list. Either this is an old dump from LinkedIn, or some of the data came from elsewhere, or both.

  10. Anonymous 2:04 PM

    Mine, my wife's and my son's were not in the list.

    As for those who asked about a virus in the list - no there isn't. I downloaded it into a BackTrack Linux virtual instance running on one of my RHEL servers.

    LinkedIn product management is clueless!

  11. This comment has been removed by the author.

  12. Anonymous 2:20 PM

    So when I run sha1sum on the phrase abc, I get something other than what your web form is showing. Anyone else seeing that?

  13. Anonymous 2:26 PM

    Do they have the corresponding logins to the passwords they now have?

  14. Anonymous 2:31 PM

    Of the 6.5 million lines in the file, over 3.5 million lines begin with 00000. If those represent cracked passwords, that's 54% of the total.

  15. To the one who got a different shasum, if you use the terminal for it, you're inserting an extra \n that changes the sum. Use: echo -n "abc" | shasum

  16. Anonymous 2:33 PM

    Mirror: http://www.tozz.nl/temp/combo_not.zip

  17. Anonymous 2:34 PM

    @Anonymous, re sha1 of abc: you probably have a newline on the end of your input. Use echo -n.

    $ echo -n abc | shasum
    a9993e364706816aba3e25717850c26c9cd0d89d -
    $ echo abc | shasum
    03cfd743661f07975fa2f1220c5194cbaff48451 -
  18. Anonymous 2:44 PM

    So peeps are expected to trust this site and type in their passwords to generate some hashes. And you promise not to use that pair for any bad deeds?

    Dudes, just run something like this on your PCs:

    perl -e "use Digest::SHA1 qw(sha1 sha1_hex sha1_base64); $digest = sha1_hex('text_here'); print $digest;"

  19. Anonymous 3:03 PM

    Let's all see how LinkedIn responds before judging their "trustworthiness"?

    Unfortunately, sites like LI will always be targets while yours and mine may not (stop now and take a moment to count your blessings).

    While there are no moral victories in a security breach, the measure of trustworthiness, diligence, etc. today should be as much about response and cure as it is prevention.
  21. Anonymous 3:19 PM

    Someone found that about 10% of the hashes appear both in full and starting with 00000. Does that mean two different passwords had a similar hash (except the first 5 characters) and one of them was cracked?
    Are there full hashes that are equal except for the first 5 characters?

  22. Anonymous 3:27 PM

    With openssl it's like this:

    $ echo -n abc | openssl sha1

  23. I released a tool to check if your password is in the leaked LinkedIn hashes. Your inputted password is hashed on the client side with JavaScript before being submitted to the server and cross-checked with the hash list. http://linkedin.biorra.com

  24. Several people asked "Do we know if the login/password information was also extracted/published?"

    I haven't seen those published, but they were almost certainly extracted. The usernames would have been in the same file/database that contained the hashed passwords.

    Publishing just the hashes allows the cracker to "crowd source" their use of rainbow tables.

  25. Anonymous 3:32 PM

    my linkedin password hash is not there

  26. It looks to me like they've killed their news service at the moment.

    I got here earlier because all trending news items on LinkedIn were about the hack.

    They've already got a black eye, and now they're punching themselves in the face.

  27. Check out: http://afitnerd.com/projects/passable

    Strong password generator that doesn't store passwords or require you to remember difficult passwords.

    We should all be demanding that the sites with our personal information allow us to put in long passwords.

  28. Anonymous 4:29 PM

    Anyone have a link with a copy of the file? The link above is dead by now.

  29. Anonymous 4:50 PM

    Great coverage on this RDG, thanks!

  30. Anonymous 6:37 PM

    > "by first removing all the easily cracked passwords from the list"
    So how does one do that? Isn't the purpose of a hash to make it so that (among other things) you can't tell which hashes are easily cracked, other than cracking them?

  31. I found the file, downloaded it, SHA-1'd my old password locally (after changing it on LinkedIn.com), and found it in the file without the leading 5 0's. Looks like LinkedIn is failing to disclose the hack. Took me just a few minutes to confirm it myself.

  32. Can someone with access to the data set check e66669df9dd2b8e2e364719b67f39e7a190f90e6

    I closed my account about a month ago and this will help date the data. My password was strong and unique. If this hash is in there it was from my password.

  33. This comment has been removed by the author.

  34. @JPGold... you're not on the list, but since you just published your hash publicly, I'd now tell you to change your password
  35. @Jeff Uberstine,

    Thanks for checking. And thank you for your concern about my password. The password that is behind that hash has more than 90 bits of entropy, is unique (not used for any other service), and is for a closed LinkedIn account. I wouldn't have posted it otherwise.

    I use strong, random, unique passwords everywhere.

    But thanks for the concern and advice.

    Cheers,

    -j

  36. Also I have linked to this from

    http://blog.agilebits.com/2012/06/06/a-salt-free-diet-is-bad-for-your-security/

    Cheers,

    -j

  37. Anonymous 9:13 AM

    actually if you have a couple older PS3 linux machines - you can do better in terms of teraflops to dollars spent :)

  38. Anonymous 2:39 PM

    This is the scum who posted the password file.
    http://forum.insidepro.com/profile.php?mode=viewprofile&u=1223

    Those posts have been deleted, but Google cache still has some of them.

  39. All very interesting, thanks for the n00b explanations and all the updates!

  40. Anonymous 9:46 AM

    I'd like to thank you for the efforts you have put in writing this site. I really hope to see the same high-grade blog posts by you in the future as well. In truth, your creative writing abilities have encouraged me to get my own, personal website now ;)

  41. Hacking could be in any form. There are times that we can not notice that the hacking has started. We should be careful. If this is proven true, then maybe LinkedIn is not secured enough.

    By: www.rickyzurvassocialmedia.com.au

  42. A secure way to look up your password and hash-lookup Benchmarks

  43. This comment has been removed by a blog administrator.
