Clumsy Hackers Leave Thousands Of Stolen Credentials Exposed To Google Search

Do you know when thieves leave their stolen goods out on the front porch for all to see, just because? We didn't think so. Sometimes hackers can be the dumber equivalent of thieves, as we have now found out. It appears that hackers behind a global phishing campaign did not protect their stolen goods and left them out for Google to index.

Phishing campaigns are incredibly effective methods by which someone or a group collects passwords, usernames, and other information from uneducated targets. This campaign, which mistakenly shared its haul with the world, operated by presenting fake Microsoft Office 365 login screens and then redirecting victims to the proper location. The attackers were successful enough with this endeavor to collect around 1,000 login credentials for corporate O365 accounts, which is a security headache. Moreover, according to researchers at Check Point, they were successful in evading anti-virus and email scanning techniques.
Once hackers collected the data, scripts fired users’ information off to drop-zone servers to store the information until retrieved. Evidently, though, the data was held in a publicly visible file which was indexable by Google. Simply put, anyone could access the stolen credentials with a simple Google search.
[Image: phishing example] This is what a phishing email looks like, but it looks legitimate, right?

Overall, this is an incredibly amusing trip-up by hackers, showing they are not perfect. At the very least, as the data is public, the affected companies can be contacted so they know that they were compromised. Furthermore, if you are to take anything away, always be skeptical of emails from unknown senders or emails with spelling errors or lookalike domains. In any case, if you are going to steal something, maybe do not make it available to the world; otherwise, it is easy to catch you.