The Channel logo


By | Darren Pauli 14th October 2014 04:02

'Dropbox passwords' for sale are all EXPIRED: Bitcoin buyers beware

Pastebin: Still not exactly the Oracle of Truth

Yet another fraudster is struggling to relieve suckers of their Bitcoin after publicly posting what's purported to be a cache of no less than 7 meellion Dropbox login credentials.

A guest poster on Pastebin posted three documents, all claiming to be a subset of "the massive hack of 7,000,000 accounts". The posts said there are "More to come" if punters "keep showing your support" by making Bitcoin payments to the author.

Unfortunately for the poster, most of the 400 credentials posted as "proof" of the hack were already expired, Dropbox told The Next Web.

"Dropbox has not been hacked," the company told the outlet. "These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts.

"We'd previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well."

The Reg's check of the nominated account reveals no one has paid.

Dropbox says on its website that it uses the "best tools and engineering practices available to build and maintain" the service and uses AES-256 encryption to protect stored files, but El Reg could not find a reference to the security mechanisms it used to protect passwords, aside option second factor authentication.

Nor was a warning to users readily apparent at the time of writing. Dropbox has form going quiet on threats: it felt a forum post was enough notification of the Heartbleed mess when news of that flaw broke.

The failed fleecing serves as a timely reminder to never pay money into Bitcoin wallets listed on Pastebin. ®

comment icon Read 8 comments on this article or post a comment alert Send corrections


Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella

Chris Mellor

Thousands of layoffs announced as spinning rust enters its death spiral


Locker room jocks photo via Shutterstock
Best locker-room strategy: Avoid emulating AWS directly
STRASBOURG, JUNE 29, 2016: The seat of the European Parliament. by Marco Aprile for shutterstock. EDITORIAL USE ONLY
Plan b, image via Shutterstock
EU workers, new markets: post-Brexit pressure on May & Co
Tough question, pic via Shutterstock