620 million accounts stolen from 16 hacked websites available for sale on the dark web

Haythem Elmir

620 million accounts stolen from 16 hacked websites (Dubsmash, Armor Games, 500px, Whitepages, ShareThis) available for sale on the dark web

The Register revealed in exclusive that some 617 million online account details stolen from 16 hacked websites are available for sale on the dark web.

The advertising for the sale of the huge trove of data was published in the popular Dream Market black marketplace, data are available for less than $20,000 worth of Bitcoin.

Data was collected from data breaches of popular websites including:

  • Dubsmash (162 million);
  • MyFitnessPal (151 million);
  • MyHeritage (92 million);
  • ShareThis (41 million);
  • HauteLook (28 million);
  • Animoto (25 million);
  • EyeEm (22 million);
  • 8fit (20 million);
  • Whitepages (18 million);
  • Fotolog (16 million);
  • 500px (15 million);
  • Armor Games (11 million);
  • BookMate (8 million);
  • CoffeeMeetsBagel (6 million);
  • Artsy (1 million);
  • DataCamp (700,000).

While some of the above websites are known to have been hacked (i.e. MyHeritage, MyFitnessPal) for some of them it is the first time that the security community was informed of their breaches.

Journalists at The Register have analyzed account records and confirmed they appear to be legit. Spokespersons for MyHeritage and 500px confirmed the authenticity of the data.

Most of the data included in the dump consist of account holder names, email addresses, and hashed passwords (in some cases password are hashed with the MD5 algorithm that makes it easy for hackers to decrypt).

Journalists pointed out that depending on the specific website there are other information in the archives, including location, personal details, and social media authentication tokens. The data doesn’t include financial information.

The information could be used by threat actors to target users of hacked websites and conduct several malicious activities.

“All of the databases are right now being touted separately by one hacker, who says he or she typically exploited security vulnerabilities within web apps to gain remote-code execution and then extract user account data.” states the post published by The Register. “The records were swiped mostly during 2018, we’re told, and went on sale this week.”

The journalists confirmed that they received the information that the Dubsmash data has been purchased by at least one individual.

The seller seems to be located outside of the US, at least in one case he attempted to blackmail the owner of the website asking money to avoid the sale of data.

dark web

The seller told The Register that he stolen roughly a billion accounts from servers to date since he started hacking in 2012.

Source: https://securityaffairs.co/wordpress/80988/data-breach/dark-web-stolen-credentials.html

Laisser un commentaire

Next Post

Microsoft Patch Tuesday updates for February 2019 fixes IE Zero-Day

Microsoft released Patch Tuesday updates for February 2019 that address 77 flaws, including an Internet Explorer issue that has been exploited in attacks. Microsoft released Patch Tuesday updates for February 2019 that address 77 flaws, 20 critical vulnerabilities, 54 important and 3 moderate in severity. One of the issue fixed by the […]