{"id":25403,"date":"2019-02-18T05:02:12","date_gmt":"2019-02-18T05:02:12","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/"},"modified":"2019-02-18T05:02:12","modified_gmt":"2019-02-18T05:02:12","slug":"tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/","title":{"rendered":"Tens of millions more web accounts for sale after more sites hacked, Mac malware spreads via Windows.exe, and more"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2015\/12\/03\/crypto.jpg\" class=\"ff-og-image-inserted\"\/><\/div>\n<p><strong class=\"trailer\">Roundup<\/strong> Let&#8217;s kickstart your Monday with some lovely juicy computer security and screwups news, beyond what <a target=\"_blank\" href=\"https:\/\/www.theregister.co.uk\/security\/\">we reported last week<\/a>.<\/p>\n<h3 class=\"crosshead\"><span>New round of data theft claims<\/span><\/h3>\n<p>Throughout last week, <em>El Reg<\/em> broke the news that more than <a target=\"_blank\" href=\"https:\/\/www.theregister.co.uk\/2019\/02\/11\/620_million_hacked_accounts_dark_web\/\">600 million accounts<\/a> details had been stolen from more than a dozen websites, and were being offered for sale on the dark web by a single seller. One by one, the companies hit by the hacker confirmed their customer records had been swiped and touted online for Bitcoin.<\/p>\n<p>Just before the weekend, the miscreant put more databases up for sale on the dark web from more hacked websites. The purloined data is mostly usernames or email addresses as well as hashed passwords, sold to spammers and credential stuffers to exploit. Here&#8217;s the list of purported account records for sale:<\/p>\n<ul>\n<li>Houzz: 57 million usernames and hashed passwords. The company is aware, and notified customers and law enforcement <a target=\"_blank\" href=\"https:\/\/www.theregister.co.uk\/2019\/02\/01\/houzz_data_breach\/\">around early February<\/a> that it had been ransacked by a hacker.<\/li>\n<li>YouNow: 40 million usernames and IP addresses. The company is aware, and said that no passwords were involved as it uses external sites for user authentication. YouNow says it does not believe the advertised data was stolen from its systems, and may have been scraped from its website \u2013 although that doesn&#8217;t explain the IP addresses.<\/li>\n<li>ixgo: 18 million usernames and MD5 hashed passwords, which could be trivially easy to break.<\/li>\n<li>Stronghold Kingdoms: 5 million accounts and HMAC-RIPEMD160 hashed passwords.<\/li>\n<li>Roll20.net: 4 million usernames and bcrypt hashed passwords.<\/li>\n<li>ge.tt: 1.8 million usernames and sha256 hashed passwords.<\/li>\n<li>Petflow: 1.5 million usernames and MD5 hashed passwords, which could be trivially easy to break.<\/li>\n<li>CoinMama: 400,000 usernames and PHPASS hashed passwords.<\/li>\n<li>Plus, in late-breaking news: 60 million accounts from Pizap, 8 million from Gfycat, 20 million accounts from Storybird, Jobandtalent, Legendas.tv, and OneBip, 1.5 million from ClassPass, and one million from StreetEasy.<\/li>\n<\/ul>\n<p>Needless to say, if you have an account on any of these sites, you should expect to hear from them shortly.<\/p>\n<p>The stolen credentials were hashed, aka one-way encrypted, and some of the more secure algorithms, such as bcrypt, make it highly unlikely they could be solved to steal accounts, but it&#8217;s better to be safe than sorry: wait for that password reset, and change the password on other sites where you&#8217;ve reused your passphrase. But we know <em>Reg<\/em> readers aren&#8217;t reusing passwords across multiple sites, yeah?<\/p>\n<h3 class=\"crosshead\"><span>Prosecutors claim Stone link to WikiLeaks<\/span><\/h3>\n<p>Friday afternoon&#8217;s bad news dump contained a new allegation in the case against President Trump associate Roger Stone.<\/p>\n<p><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.cnn.com\/2019\/02\/15\/politics\/roger-stone-wikileaks\/index.html\">US prosecutors say<\/a> they have copies of direct communications between Stone and Wikileaks. If proven, that would place Stone within an alleged chain of communication that went from the Guccifer 2.0 hacking operation to WikiLeaks, to Stone, and possibly to the Trump campaign.<\/p>\n<p>Stone has pleaded not guilty.<\/p>\n<h3 class=\"crosshead\"><span>Facebook using tracking tools to watch &#8216;threats&#8217;<\/span><\/h3>\n<p>Stop us if you&#8217;ve heard this one before: a newly-uncovered practice at Facebook is raising possible privacy concerns.<\/p>\n<p>This time, it&#8217;s a <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.cnbc.com\/2019\/02\/14\/facebooks-security-team-tracks-posts-location-for-bolo-threat-list.html\">report from CNBC<\/a> outlining how the social network uses its products to track users who they believe pose a credible threat to Facebook offices and employees.<\/p>\n<p>Dubbed &#8220;Bolo&#8221; (short for Be On Look Out) the tool has reportedly been in use for more than a decade. When a user is added to the Bolo list, Facebook&#8217;s security team gets their information as well as their location information and photos.<\/p>\n<p>While Facebook maintains that the list is only used to protect its employees from credible threats of harm, the report suggests that in some cases people are added to the list for minor infractions, or because they were a former employee or contractor.<\/p>\n<p>The whole thing is a sticky situation. On one hand, Facebook can and should be able to protect its employees from any threat of harm. On the other, the social network doesn&#8217;t exactly have the best track record when it comes to guarding privacy.<\/p>\n<h3 class=\"crosshead\"><span>Hackers show off remote-control tricks in Xiaomi scooters<\/span><\/h3>\n<p><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/blog.zimperium.com\/dont-give-me-a-brake-xiaomi-scooter-hack-enables-dangerous-accelerations-and-stops-for-unsuspecting-riders\/\">A report<\/a> by security shop at Zimperium found that Xiaomi&#8217;s M365 scooter model uses a potentially insecure Bluetooth control system that can be managed through a smartphone.<\/p>\n<p>The flaw is not within the scooter&#8217;s hardware itself, but rather in the way the techie toys communicate with administrator devices over Bluetooth.<\/p>\n<p>The problem arises in the way that Bluetooth communication occurs. The hackers found that by default the scooter assumes the person running the application has already been authenticated.<\/p>\n<p>&#8220;During our research, we determined the password is not being used properly as part of the authentication process with the scooter and that all commands can be executed without the password,&#8221; writes researcher Rani Idan.<\/p>\n<p>&#8220;The password is only validated on the application side, but the scooter itself doesn\u2019t keep track of the authentication state.&#8221;<\/p>\n<p>Fortunately, it does not look like this is a threat for any of the popular rent-a-scooter services popping up in cities. Of the major scooter carriers we talked to, only one still used the M365, and they had closed the described vulnerability long before putting the scooters on the street.<\/p>\n<h3 class=\"crosshead\"><span>Mac malware spreads via Windows PC apps<\/span><\/h3>\n<p>A new outbreak of Mac malware infections is coming from an unlikely source: a Windows .EXE file.<\/p>\n<p>Researchers <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/windows-app-runs-on-mac-downloads-info-stealer-and-adware\/\">at Trend Micro say<\/a> the infection disguises itself as an installer for the popular paid-for <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.obdev.at\/products\/littlesnitch\/index.html\">Little Snitch<\/a> macOS security tool being spread for free on Torrent sites.<\/p>\n<p>Within the installer is a .EXE file, a Windows executable packed with the Mono .NET framework, which allows the executable to launch on a Mac and begin downloading adware and logging system information.<\/p>\n<p>Trend believes the unusual behavior is done to evade macOS&#8217;s built-in security Gatekeeper tool that would otherwise spot the malicious activity: in other words, the operating system would stop the malware as an unsigned binary, or from an untrusted developer, but allows the .EXE to run.<\/p>\n<p>&#8220;We suspect that this specific malware can be used as an evasion technique for other attack or infection attempts to bypass some built-in safeguards such as digital certification checks since it is an unsupported binary executable in Mac systems by design,&#8221; the security firm says.<\/p>\n<p>&#8220;We think that the cybercriminals are still studying the development and opportunities from this malware bundled in apps and available in torrent sites, and therefore we will continue investigating how cybercriminals can use this information and routine.&#8221;<\/p>\n<h3 class=\"crosshead\"><span>Microsoft sacks SAC-T<\/span><\/h3>\n<p>Redmond wants to make it a bit easier for companies to upgrade their PCs. To do that, Microsoft says it is doing away with the SAC-T designation on some versions of Windows.<\/p>\n<p>Previously, SAC-T, or Semi-Annual Channel (Targetted) had been designated for specific versions of Windows offered on Windows Update for Business. This was done as Microsoft was working to get the Windows and Office releases aligned on Update for Business. That work will be done in the upcoming Windows feature update.<\/p>\n<p>&#8220;Instead, you will find a single entry for each new SAC release. In addition, if you are using Windows Update for Business, you will see new UI and behavior to reflect that there is only one release date for each SAC release,&#8221; <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/techcommunity.microsoft.com\/t5\/Windows-IT-Pro-Blog\/Windows-Update-for-Business-and-the-retirement-of-SAC-T\/ba-p\/339523\">writes<\/a> Microsoft&#8217;s John Wilcox.<\/p>\n<p>&#8220;If you use System Center Configuration Manager, Windows Server Update Services (WSUS), or other management tools, there will now only be one feature update published to WSUS, and this will occur at the time of release.&#8221; \u00ae<\/p>\n<p class=\"wptl btm\"><span>Sponsored:<\/span> <a href=\"https:\/\/go.theregister.co.uk\/tl\/1810\/-7146\/top-5-threat-hunting-myths?td=wptl1810\">Top 5 Threat Hunting Myths<\/a><\/p>\n<p>READ MORE <a href=\"http:\/\/go.theregister.com\/feed\/www.theregister.co.uk\/2019\/02\/18\/security_roundup_150219\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Standby for a &#8216;we woz haxx0ed&#8217; email from one of these sites this week&#8230; Roundup\u00a0 Let&#8217;s kickstart your Monday with some lovely juicy computer security and screwups news, beyond what we reported last week.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":25404,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-25403","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Tens of millions more web accounts for sale after more sites hacked, Mac malware spreads via Windows.exe, and more 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Tens of millions more web accounts for sale after more sites hacked, Mac malware spreads via Windows.exe, and more 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-02-18T05:02:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"911\" \/>\n\t<meta property=\"og:image:height\" content=\"564\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Tens of millions more web accounts for sale after more sites hacked, Mac malware spreads via Windows.exe, and more\",\"datePublished\":\"2019-02-18T05:02:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/\"},\"wordCount\":1260,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/\",\"name\":\"Tens of millions more web accounts for sale after more sites hacked, Mac malware spreads via Windows.exe, and more 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more.jpg\",\"datePublished\":\"2019-02-18T05:02:12+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more.jpg\",\"width\":911,\"height\":564},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Tens of millions more web accounts for sale after more sites hacked, Mac malware spreads via Windows.exe, and more\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Tens of millions more web accounts for sale after more sites hacked, Mac malware spreads via Windows.exe, and more 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/","og_locale":"en_US","og_type":"article","og_title":"Tens of millions more web accounts for sale after more sites hacked, Mac malware spreads via Windows.exe, and more 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-02-18T05:02:12+00:00","og_image":[{"width":911,"height":564,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Tens of millions more web accounts for sale after more sites hacked, Mac malware spreads via Windows.exe, and more","datePublished":"2019-02-18T05:02:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/"},"wordCount":1260,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/","url":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/","name":"Tens of millions more web accounts for sale after more sites hacked, Mac malware spreads via Windows.exe, and more 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more.jpg","datePublished":"2019-02-18T05:02:12+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more.jpg","width":911,"height":564},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/tens-of-millions-more-web-accounts-for-sale-after-more-sites-hacked-mac-malware-spreads-via-windows-exe-and-more\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Tens of millions more web accounts for sale after more sites hacked, Mac malware spreads via Windows.exe, and more"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/25403","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=25403"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/25403\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/25404"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=25403"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=25403"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=25403"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}