Thursday , June 24 2021

Dark web dump data sees 620 million accounts from hacked websites to sell

Cyber ​​criminals have put 617 million hacked bills on the dark network, resulting from 16 separate data breaches.

Databases are listed on the dark Dream Market web market, along with drugs, weapons and other prohibited items.

Hacked websites include MyFitnessPal, MyHeritage and Animoto – all of which were known as compromised.

Other sites, such as the 500px photo network, have not previously reported a breach of its security.

Depending on the violation, stolen data may include email addresses, passwords, location, and other personal information.

Dream Market hacked bids for the first time have been reported by The Registry and have since been confirmed by Independent,

The data is listed individually on the popular dark web market, each sold by the same vendor. The seller, named gnosticplayers, joined Dream Market on February 6 and currently has five stars, although it's from a single buyer.

"Feel free to write me here on Dream Market to tell me what data you are looking for (cryptographic, games or huge datasets) and I will list them here for sale right away," Gnosticplayers Profile ".

"As I have a great deal of new data, I probably have what you need. If the data does not match the reported infringement information, dispute the escrow, but carefully read the list of what you will get, because if you buy it, you agree to receive the specified data. "

Hurricane Data Offers on the Dark Web Market Dream Market (The Independent / Screenshot)

Cyber ​​security experts have warned that the scale of the violation may lead to a significant change in security sentiments, especially given that many of the ads are from previous undisclosed data breaches.

"A number of broken sites failed to reveal the attacks by pointing out that they did not know about the hacking or had decided not to disclose it, and could thus fall into disrepute to GDPR's obligations and face serious penalties. In both cases, it is likely to be relevant to consumers who will take the burden of attacks, "said Ilka Tirunen, global director of Sonatype. Independent,

"This complicates the fact that violations can be prevented. The hacker said he was using Web application security vulnerabilities and website code – from a software point of view, such vulnerabilities are easy to fix. However, companies deny doing so … When consumers' awareness increases, they are likely to become much less tolerant of companies that fail to apply appropriate security when they have the tools available.

Other security researchers have said that people should keep themselves from compromising their accounts even if they no longer use any of the sites or services affected by the latest list of data breaches.

The trend of reusing the same email addresses and passwords on multiple platforms means that hackers can use the credentials to crack other online accounts.

Gavin Miller, who works with the Tenable cyber-security firm, advises people to check whether their emails have been compromised by checking it on the Have I Been Pwned website, which compares the major data breaches.

"Of course, the best way to avoid attacks with plenipotentiary data is to always create unique email and password combinations for each account," said Milard. Independent,

"Manually doing this is untenable, so it's a good practice to always use a password manager that can create and store complex passwords and even warn users about compromised passwords found in data breaches."

Source link