A “phishing” web site was primarily responsible for the release of Vkontakte.ru user details, according to Russian anti-virus company Kaspersky Lab. Users were redirected to a web site with a similar-looking interface and asked to sign into their accounts after using an infected application on the site.
The hackers had installed a trojan program on the Vkontakte.ru computers, which changed the host’s files and resulted in the massive information theft, Kaspersky spokesman Mikhail Vasin said Friday.
Vedomosti cited the company’s managing director, Lev Leviyev, as saying Vkontakte.ru was investigating. It was not possible to reach anyone at Vkontakte.ru for comment Friday.
Kaspersky said it detected the trojan on Tuesday, and two days later it found a database with more than 130,000 Vkontakte.ru logins and passwords on several forums and web sites.
Vkontakte.ru gets about 14.3 million visitors per day, or twice as many as closest rival Odnoklassniki.ru, according to Comscore.com Internet statistics portal. The site has 35 million registered users.
Vasin warned users to be wary of schemes seeking to take advantage of the data. “The criminals could ask users to send an SMS message, which would cost $10 or more, to reactivate an account. Then they might get access to one’s personal information, such as bank account details,” Vasin said.
It’s not clear whether a group of hackers carried out the attack or whether it was a single person.