According to information from ZDNet, a hacker nicknamed Gnintoplayers revealed to the technology news site in February about wanting to put data on more than 1 billion user profiles for sale on the black market. ZDNet experts have begun to verify the information and they found that the hacker in fact disclosed information about the nearly 65.5 million individual user profiles he seized last week. Thus, it can be implied that the actual number of user profiles that this person is holding is definitely much larger, and the “crazy” number of 1 billion stolen user profiles is not without. basis.
- The malicious ad campaign abused Chrome to hijack 500 million iOS user sessions
Besides, Gnintoplayers is also said to be responsible for the hacks involving 44 organizations and businesses around the world, and since mid-February this year, this guy has also started a number of activities. selling illegal products, such as weapons, drugs and hacking tools, on some dark websites.
Going back to the case where nearly 1 billion user profiles fell into the hands of hackers, security researchers found that the majority of data stolen and for sale belonged to large companies operating in many sectors. different, such as UnderArmor, 500px, Share This, GfyCat and MyHeritage. This amount of data has been released by the attacker in four stages. The first phase is called Round 1 with 620 million user profiles affected, Round 2 includes 127 million user profiles, Round 3 has 93 million user profiles, and Round 4 has 26.5. million user profiles.
In the latest release, the hacker revealed that 65.5 million user profiles this time were stolen from six companies, including: gaming platform Mindjolt, digital hub Wanelo, email platform and RSVP Evite, Korean travel agency Yanolja, women’s fashion store Moda Operandi and Apple repair center iCracked.
- Adblock Plus filter can be exploited to run malicious code
ZDNet then contacted each of the named companies to confirm the information, most of which reported a loss or vulnerability in its user data management system. As such, this new “batch” of stolen data is also capable of being authenticated.
In a related move, Dream Market administrators made the decision to close their market after being bombarded by nearly non-stop DDoS attacks as well as demanding ransom.
It is clear that the motive behind Gnosticplayers’ project to steal 1 billion user profiles is not simply for money like many other attacks. Cybercriminals like Gnintoplayers are part of what is known as an underground community of hackers and data hoarders, lurking in a hidden corner of the internet world rife with pitfalls. .
- 25% of “bypass” phishing emails are secured by the Office 365 default
This is a lucrative business and most of these hackers cannot openly sell the data they steal on publicly traded markets like Dream Market. The reason lies in the fact that although it is hosted on the dark web, Dream Market is basically a very open space, full of the presence of law enforcement agencies, filled with journalists as well as employees of many major cybersecurity companies around the world.
Therefore, anyone smart enough knows that selling stolen data in such a public space is an act of “putting yourself in prison”, which is “oh my grandfather in this dust”. Gnosticplayers naturally understands this, so it doesn’t rule out that this hacker is trying to gain the same reputation hackers like Peace_of_Mind (also known as Peace) did in the past.
- Disclosed personal data of more than 1.3 million people from a web application vulnerability
With more than 932 million user profiles already available and for sale on the Dream Market, this floating data by Gnosticplayers is indeed a major threat, as it can be used to significantly aid in its capabilities. botnets, which allow stuffing existing credentials with new login combinations.
Furthermore, although initially well managed, many databases that Gnintoplayers advertised on Dream Market are slowly entering the public domain, similar to the original Peace_of_Mind data. leaked before.