Sunday, January 22, 2012

Analysis of 30.000 Phished Facebook Accounts

This analysis is based on 7 leaks of phished Facebook accounts published by the hackers 0x0mar and Hannibal. One of the leaks from Hannibal was advertised to contain over 100.000 accounts, but it seems that he can't count, since the leak only contained a combined total of 25.000 accounts.

No passwords were cracked; all passwords were phished.

Data Validity
As always with phished accounts, there is a lot of garbage, which gives the analysis a high statistical error. All 7 leaks contained duplicate accounts (the same email and password combination multiple times), and around 2.000 accounts had a password shorter than the Facebook policy allows, so the apparent quality of the leaks is very low. After filtering the data and removing garbage, I ended up with 27.978 accounts.
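The filtering described above, as an added example that is not the author's own code. It assumes one email:password pair per line and a minimum password length of 6 characters (the post does not state the limit); the sample lines are constructed, and the function names are hypothetical.

```python
from collections import Counter

MIN_LEN = 6  # assumption: Facebook's minimum length; the post does not state it
# Constructed sample in an assumed "email:password" layout (not real leak data).
SAMPLE = """\
alice@example.com:summer2011
alice@example.com:summer2011
bob@example.com:abc
carol@example.com:123456
not-an-email:whatever1
dave@example.com:pass:word!
erin@example.com:
ALICE@example.com:summer2011
"""

def parse(lines):
    """Yield (email, password); split on the first ':' only, skip garbage lines."""
    for line in lines:
        email, sep, password = line.rstrip("\r\n").partition(":")
        local, at, domain = email.strip().lower().partition("@")
        if sep and local and at and "." in domain and password:
            yield f"{local}@{domain}", password

def clean(lines, min_len=MIN_LEN):
    """Drop duplicate email/password pairs and passwords shorter than the policy."""
    seen, kept = set(), []
    for pair in parse(lines):
        if pair not in seen and len(pair[1]) >= min_len:
            seen.add(pair)
            kept.append(pair)
    return kept

def charset(password):
    """Name the character classes a password uses, e.g. 'lower+digit'."""
    checks = (("lower", str.islower), ("upper", str.isupper), ("digit", str.isdigit))
    found = [name for name, test in checks if any(test(c) for c in password)]
    if any(not c.isalnum() for c in password):
        found.append("special")
    return "+".join(found)

def stats(accounts):
    passwords = [p for _, p in accounts]
    return {"accounts": len(passwords),
            "avg_length": sum(map(len, passwords)) / max(len(passwords), 1),
            "lengths": Counter(map(len, passwords)),
            "charsets": Counter(map(charset, passwords))}

if __name__ == "__main__":
    print(stats(clean(SAMPLE.splitlines())))
```

Of the eight constructed lines, three survive: the duplicates (including the one that differs only in email case), the too-short password, the malformed address and the empty password are dropped before any statistics are computed.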

The Results

Length distribution
 
Average password length: 8,579955

Character distribution
 

Unique character distribution


Contained in common wordlists
 

Top 30 most common passwords


Top 30 longest passwords
