Postmodern Sysadmin

A blog about servers and junk

Myspace Phishing Analysis

A couple of years ago, a large list of phished Myspace accounts was leaked on the internet. I stumpled upon them and ran a very simple analysis. Check it out:

root@a:/# cat myspace.hackedlist | cut -f 2 -d : | sort | uniq -c | sort -n | tail -n 20
14 qwerty1
15 123456a
15 babygirl1
15 blink182
16 123456
16 123abc
16 iloveyou2
17 football1
17 nicole1
18 number1
19 password
23 myspace1
24 fuckyou1
28 iloveyou1
28 monkey1
29 fuckyou
54 abc123
74 password1

The file was in the form of “Username:password”, so the first part of that command “cuts” the second column, with the colon as the delimiter. Then it is piped through sort, which sorts the list alphabetcially, then the uniq -c command, which counts the number of times that a word shows up, then I sort it again to get the most freqent passwords, and tail the last 20 lines.

It is interesting to see that a lot of these passwords just tack “1” on to them. And of course blink182 was all the rage back then aparently…