Hacking incidents happen frequently; some get reported while others don’t, at least until the compromised data resurfaces somewhere on the internet. Along the same lines, ill-gotten information from over 12 million accounts has made an appearance on the dark web.
The dark web marketplaces are known for all kinds of stuff. One can buy almost anything there, provided they know where to go and have enough cryptocurrency balance to pay for it. In order to obtain the compromised information of these 12 million accounts from the seller “doubleflag”, one should be willing to pay 0.3817 BTCs, which is almost equivalent to $400.
According to reports, the credentials currently up for sale were obtained over a period of six years from various sources. The package offered by “doubleflag” is said to include content from compromised cryptocurrency forums like BitcoinTalk, MtGox, Bitcoinsec, and BTC-E. Other leaked databases on sale include user information from Whois, Paddy Power, Experian, Brazzers, GTAGaming, Dota2, CDProjektRed, XHamster, and Lastfm. The publication also informs about the presence of datasets containing US voter records.
The information contained in the leaked data sets includes names, email addresses, passwords, etc. In some cases, the database was found to include phone numbers, date of birth, locations and even IP addresses. While some of these platforms are not functional anymore, the hacked data can still come in handy as many people tend to reuse the same credentials across multiple accounts. A hacker equipped with so much data can potentially reuse it on other platforms successfully.
However, the nature and size of hacked information currently being sold by “doubleflag” don’t come as a surprise. There have been numerous reports of large-scale hacking incidents that went unnoticed for a while. Like in the case of Yahoo, the company didn’t realize that the security has been compromised until a separate incident led the cyber security experts to a previously undetected incident. Other prominent platforms that have been targeted by hackers in the past includes LinkedIn and even Google accounts.
These incidents keep reminding internet users about the importance of security and best practices when it comes to online activities. It is advisable to change passwords frequently and to use a mix of complex characters instead of easily deducible words.
Ref: IBT | Image: NewsBTC