Data Security

Hundreds of millions of stolen accounts for sale in dark web forums

A vendor on dark web offers these massive databases for less than $20k USD

According to network
security
specialists from the International Institute of Cyber
Security, an unidentified user claims to have the data of nearly 617 million
accounts stolen from multiple online services, the unknown user has put on sale
these huge databases in dark
web
forums.

Through the Tor network, those interested in
the stolen information can contact the user in possession of the databases, who
has requested about $20k USD in Bitcoin in exchange for this treasure of
personal data.

Network security experts mention that the websites
involved include:

  • Dubsmash: 162 million accounts for 0.217 Bitcoin ($780 USD)
  • MyFitnessPal: 151 million accounts for 0.289 Bitcoin ($1 040 USD)
  • MyHeritage: 92 million of accounts for 0.549 Bitcoin ($1 976 USD)
  • ShareThis: 41 million of accounts for 0.217 Bitcoin ($780 USD)
  • Animoto: 25 million of accounts for 0.3185 Bitcoin ($1 144 USD)
  • Among others

The information provided by the seller seems to
be reliable. Among the data stored in this database are the names of the
holders of the compromised accounts, email addresses and passwords. Passwords
are not ready to be used, as they are encrypted or encrypted on a single end.
Apparently there are no bank details records in this database.

Who might be
interested in this information?

The details of the compromised accounts could
be useful for companies or individuals who send spam and malicious users that
display credential stuffing attacks.

If someone bought, for example, 500px accounts,
they could enter accounts with weaker passwords, as some were processed using
the obsolete MD5 algorithm. If successful, attackers could use the user names
and passwords obtained to try to log on to platforms like Facebook or Gmail to
develop other hacking activities.

The vendor offers separate databases, claiming
that it obtained the compromised accounts by exploiting some vulnerability in web
applications. The seller stated that it is not located in American territory,
and also states that it has already sold at least one copy of the Dubsmash
database.

Network security specialists claim that the
websites involved were hacking victims; In the specific case of MyHeritage and
MyFitnessPal, these services warned their users that they had been engaged in
recent months. In some cases, the compromised sites would have decided not to
report data theft. 

MyHeritage spokespersons confirmed that the
filtered samples from their database are legitimate; in addition the company
calculates that data theft occurred in October 2017 in a cyberattack reported
up to 2018. 500px has also confirmed that your account data was stolen from
your servers and put on sale this week on dark web.

To Top

Pin It on Pinterest

Share This