A database of what appears to be some 5 million login and password pairs for Google accounts has been leaked to a Russian cyber security internet forum. It follows similar leaks of account data for popular Russian web services. (http://rt.com/news/186580-millions-google-accounts-leaked/)
It's a very odd leak. They're not for GMail accounts, or seemingly not, and while the passwords are legit, they're totally out of date (by many years).
Someone is doing a spring clean of all the passwords harvested during the past years through phishing and other methods. The passwords correspond to different sites and only work on Gmail if the victim uses the same password everywhere and hasn't changed it in a long time.
https://www.wilderssecurity.com/threads/checking-if-your-account-has-been-leaked.368082/#post-2408253
This is probably the best article I've read on the Google Gmail hack or data leak thus far. http://arstechnica.com/security/2014/09/google-no-compromise-likely-massive-phishing-database/ The various sites posted here at Wilders are regarded as phishing sites and users are discouraged from disclosing their account information to any of these supposed check-up sites. Change your passwords often and enable two-factor login authentication if your PC supports this. https://www.google.com/landing/2step/
I have used pwnedlist.com for a long time and it works. Also, I'm 100% sure that I don't get any spam from them: http://krebsonsecurity.com/2011/11/are-you-on-the-pwnedlist/
So you're saying that the half dozen sites posted by members subhrobhandari, J_L, and anon are phishing sites? Is this a suspicion of yours, or do you have some confirmation to substantiate what you have said?
They are viewed as being suspicious at best as they all maintain server logs. There were several on .RU domains that were certainly phishing sites. This is not to say that I or anyone else is questioning the posters themselves, if that's what you're inferring. Not a suspicion of mine - many in the security community are suggesting alternate methods in order to minimize the Gmail dump and accounts hijack. Use Gmail account activity to verify suspicious activity - from there you have the option to change your password or enable two-factor authentication.
No need to put words into anyone's mouth by speculating on inferences. What you wrote is that the sites they posted are regarded as phishing sites. So I asked you for substantiation. You said they are viewed as suspicious at best by the security community. That's just one more claim coming from you, not proof of any sort. Let me give you what I base my findings on... I visited the sites posted in that thread. No warnings of any kind were generated. Not from TrafficLight's Advanced Phishing Filter, not from Chrome's Anti-Phishing Protection, not from MBAM's Malicious Website Protection nor from ESET's Anti-Phishing Protection. Not even WOT had anything to say. But you say they are viewed as suspicious at best by the security community. Not very convincing.
And I ran all six sites posted by those three members through URLVoid for their analysis by 29 different website reputation engines and domain blacklists, and every one came up green from all 29 engines and lists. But you say they are viewed as suspicious at best by the security community.
Thought I would chime in on the thread; I checked a few things.
1. haveibeenpwned is run by Troy Hunt; according to the about page he is an MVP, and his personal website seems legit. The whois records of this and his personal website seem to match and have open information about his address and phone. I can't vouch for the website, but at least it seems legit from the about us and whois pages.
2. There isn't much info about hacked-db and they are protected by Domains By Proxy, so I can't say anything about them.
3. Same for wasleaked, "Registered On September 10, 2014", no info about them whatsoever.
4. pwnedlist - No whois, but they have some open jobs on the career page.
5. shouldichangemypassword is being redirected to breachalarm.com. No whois, run by avalanche.
Avira Identity Safeguard Allows iOS and Android Users to Check if Email Address Was Impacted by Gmail Breach
Tettnang, Germany, September 11, 2014
http://www.avira.com/en/press-details/nid/960/news/avira-identity-safeguard-gmail-breach