For many years, the “RockYou” collection of stolen passwords compiled from data breaches has been used by security researchers, enterprise defenders, and cybercriminals alike to test the strength of user-created passwords or try to guess live account passwords through brute-force attempts. Recently, a newly updated version of the list, called RockYou2021 was compiled with 8.4 billion passwords and made available through underground forums. A link to download the new list briefly appeared on RaidForums however the post has since been removed. Earlier this year, another password list known as COMB (Compilation of Many Breaches) was released and is included in RockYou2021 adding 3.2 billion passwords to the previous RockYou list. It appears that the author has been collecting breached passwords over time and researchers with access are working to identify any new leaks that might be present.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in