14 DAY TRIAL // The hacker Peace has put up for sale over 51 million records obtained from the now-defunct iMesh P2P file sharing service.
iMesh was one of the first and most popular file sharing services that appeared, similar to Napster. The service allowed users to share multimedia files with friends via the P2P protocol. The service launched in the late '90s and recently closed down, in May 2016.
LeakedSource, a company that specializes in collecting user data from publicly available data breaches, has announced today that it came into the possession of data from the iMesh service.
The same data is also available for sale on The Real Deal Dark Web marketplace. The hacker who's selling it is the same person who also put up for sale details from LinkedIn, Tumblr, Twitter, and MySpace.
In his listing, the hacker is asking for 0.5 Bitcoin (~$335) for the entire dataset. After analyzing the data, LeakedSource says Peace is in possession of 51,310,759 iMesh records.
iMesh was probably hacked on September 22, 2013
Based on the latest timestamp, LeakedSource estimates the hacker(s) breached iMesh on September 22, 2013. For each record, LeakedSource claims there are an email address, a username, a password, an IP address, and location information (country).
According to LeakedSource's analysis, most of iMesh's users were from the US (13.7 million), most of them signed up with Hotmail (14.3 million) and Yahoo (10.5 million) email addresses, and almost one million used 123456 as their password.
The service stored all passwords in a simple format, which is easy to break. Passwords were salted, then passed through an MD5 algorithm, salted again, and passed through MD5 again.
Below is an analysis of the leaked data. LeakedSource has ranked the most common passwords, the most common email address domains, users by location, and has categorized users by the year they joined the iMesh service.
| Rank | Password | Frequency |
|---|---|---|
| 1 | 123456 | 993,176 |
| 2 | 123456789 | 330,434 |
| 3 | 1234 | 233,088 |
| 4 | 12345 | 175,430 |
| 5 | password | 86,535 |
| 6 | 12345678 | 76,989 |
| 7 | 1234567 | 65,678 |
| 8 | 123123 | 59,429 |
| 9 | 111111 | 57,775 |
| 10 | 000000 | 51,796 |
| 11 | qwerty | 45,077 |
| 12 | bearshare | 44,123 |
| 13 | 1111 | 42,567 |
| 14 | 1234567890 | 41,337 |
| 15 | 0000 | 38,388 |
| 16 | iloveyou | 32,711 |
| 17 | music | 29,023 |
| 18 | 654321 | 26,754 |
| 19 | 123321 | 23,694 |
| 20 | 666666 | 23,582 |
| Rank | Email Domain | Frequency |
|---|---|---|
| 1 | @hotmail.com | 14,394,067 |
| 2 | @yahoo.com | 10,518,713 |
| 3 | @gmail.com | 4,531,252 |
| 4 | @aol.com | 1,425,834 |
| 5 | @hotmail.co.uk | 1,039,512 |
| 6 | @hotmail.fr | 905,350 |
| 7 | @wp.pl | 870,635 |
| 8 | @hotmail.it | 614,268 |
| 9 | @MSN.COM | 596,484 |
| 10 | @live.com | 528,800 |
| 11 | @hotmail.de | 431,598 |
| 12 | @web.de | 431,155 |
| 13 | @o2.pl | 414,836 |
| 14 | @yahoo.fr | 342,238 |
| 15 | @ymail.com | 325,515 |
| 16 | @libero.it | 322,083 |
| 17 | @yahoo.co.uk | 321,068 |
| 18 | @interia.pl | 258,828 |
| 19 | @gmx.de | 250,969 |
| 20 | @live.fr | 235,455 |
| Rank | Country | Frequency |
|---|---|---|
| 1 | United States | 13,711,788 |
| 2 | Turkey | 3,984,906 |
| 3 | United Kingdom | 3,646,707 |
| 4 | Poland | 2,569,583 |
| 5 | Italy | 2,084,394 |
| 6 | Germany | 2,054,638 |
| 7 | Canada | 1,633,484 |
| 8 | France | 1,606,438 |
| 9 | Netherlands | 1,420,732 |
| 10 | Philippines | 1,295,845 |
| 11 | India | 1,173,916 |
| 12 | Brazil | 1,043,064 |
| 13 | Australia | 988,478 |
| 14 | Spain | 699,142 |
| 15 | Belgium | 663,932 |
| 16 | Egypt | 645,707 |
| 17 | Mexico | 583,236 |
| 18 | Malaysia | 501,762 |
| 19 | Algeria | 408,819 |
| 20 | Indonesia | 381,794 |
| Year | Amount of new users |
|---|---|
| 2005 | 1,147,132 |
| 2006 | 4,830,172 |
| 2007 | 8,651,466 |
| 2008 | 6,861,168 |
| 2009 | 4,842,414 |
| 2010 | 7,124,789 |
| 2011 | 9,403,440 |
| 2012 | 5,910,733 |
| 2013 | 2,539,445 |