Hackers have recently managed to nick millions of Facebook, Google, Twitter, and Yahoo passwords by installing key logging software on millions of personal computers. The security experts confirmed that the malware was capturing log-in credentials for key sites over the past month and sending the data to a server controlled by the hackers.

Back in November, the security researchers tracked that server to Holland and discovered compromised credentials for over 93,000 websites, including 318,000 Facebook accounts, 70,000 Google accounts, 60,000 Yahoo accounts, 22,000 Twitter accounts and 8,000 LinkedIn accounts – all hacked. The tech giants were immediately notified of the breach, and perhaps this is why Google was asking me to change my password a few weeks ago. Thus far, there’s no evidence that the hacked passwords have been ever used.

The security experts hadn’t found out how the malware got onto so many PCs. The intruders set up the key logging software to rout sensitive data via a proxy server, so it was impossible to track down which PCs are currently infected.

The hacking campaign started in the end of October, and it might be still ongoing. The researchers believe that there are some other proxy servers running the attack which they haven’t found yet. The malware running in the background is hidden, but antivirus software and the latest patches for browsers, Adobe (ADBE) and Java will be able to detect it and prevent it from running. Secure your PC.