
Exposing the Business of Doxing and Its Perils


Doxing, a once obscure practice of publishing someone’s private information online without their consent, has evolved into a dangerous and profitable underground industry. The dark world of doxing has grown increasingly sophisticated, with malicious actors exploiting the vast amounts of personal data available online to harass, extort, and even physically harm their victims. 

In its early days, doxing was often driven by personal vendettas or ideological disagreements. The perpetrators would scour social media profiles, public records, and other online sources to piece together a victim’s sensitive information, such as home addresses, phone numbers, and even social security numbers. This information would then be posted online, typically on forums or social media, where it could be used to intimidate or threaten the victim. However, the doxing ecosystem has since transformed into something far more nefarious and organized. 

Today, doxers can trick companies and institutions into handing over personal information, using social engineering tactics and other sophisticated methods. By impersonating a legitimate entity or individual, they are able to bypass security measures and obtain sensitive data, which is then sold on the dark web or used to further exploit the victim. One alarming trend within this ecosystem is the rise of “doxing for hire” services. For a fee, individuals can hire professional doxers to target specific people, providing them with a detailed dossier of the victim’s personal information. This information can include everything from private email addresses to detailed records of their online activities. 

In some cases, these services even offer “violence as a service,” where the hired doxers don’t just publish the information, but also coordinate physical attacks on the victim. The consequences of doxing can be devastating. Victims may experience a range of harms, including harassment, identity theft, financial loss, and emotional distress. In extreme cases, doxing has led to physical violence and even death. Despite these dangers, the practice remains alarmingly common and continues to evolve in ways that make it more difficult for authorities to combat. 

As the doxing industry grows, so too does the need for more robust protections for personal data and stronger legal measures to deter and punish perpetrators. The dark world of doxing for profit is a sobering reminder of the perils of our increasingly connected and data-driven world.

AvosLocker Ransomware Gang Target Motherboard Vendor Gigabyte


Taiwanese computer hardware vendor Gigabyte Technology Co. Ltd. has allegedly been hit by a ransomware attack, the second such attack in three months. The previous attack on the firm occurred in August, when the RansomEXX gang stole 112 gigabytes of sensitive data.

The latest attack came to light when DarkWeb Criminal Intelligence noticed on Twitter that a group going by the name AvosLocker was claiming to have successfully targeted the company and was publishing samples of the stolen data as proof. The ransomware gang was first discovered searching for affiliates on underground forums in late June.

According to Privacy Sharks, the ransomware gang has released some stolen data as proof that they did indeed successfully target Gigabyte. The stolen data includes passwords and usernames, employee payroll details, human resources documents, and credit card details. 

Additionally, the shared 14.9 MB sample also contains documents linked to the relationship between Gigabyte and several firms, including Barracuda Networks Inc., Blizzard Entertainment Inc., Black Magic, Intel Corp., Kingston Technology Corp., Amazon.com Inc., and Best Buy Co.

If the stolen data is authentic, as the ransomware gang claims, it could be a major concern for Gigabyte, especially since a report earlier this month indicated that AvosLocker is planning a twist on the classic double-extortion model: punishing non-paying victims by auctioning their data rather than simply releasing it for free.

“The details in the file tree should be extremely concerning to Gigabyte as they consider the impact of this breach. In most double extortion schemes, the data theft focuses on quantity rather than quality. The file tree from this dump suggests that in this case, the threat actor focused on quality,” Jake Williams, co-founder and chief technology officer at incident response firm BreachQuest Inc. stated. “To facilitate sales, AvosLocker must steal data that’s worth buying,” he said.

“The file tree (directory listing) teased by AvosLocker certainly appears to be the kind of data that would be valuable to a multitude of cybercriminals,” he added. Ransomware attacks have been on the rise since the infamous WannaCry attack in 2017.

According to a report by Comparitech, in 2021 alone US firms suffered a loss of US$21 billion due to ransomware attacks. 

“The selective leaking of information is a method to further entice victims into paying the ransom,” John Bambenek, principal threat hunter at information technology and security operations company Netenrich Inc., stated, noting that this will keep occurring as long as the economics favor paying a ransom. “What will be interesting to see is how this method of auctioning data will change the math, but in the end, crime on the internet still pays,” he said.

Threat Actor Targets Guns.com, Spills Sensitive Information on Dark Web


As the domain name suggests, Guns.com is a major Minnesota, US-based platform for buying and selling guns online. It is also home to news and updates for firearm owners and enthusiasts around the globe. However, on March 9th, 2021, a database seemingly belonging to Guns.com was dumped on the popular dark web site ‘Raid Forums’.

Earlier this week, a large cache of files allegedly stolen from Guns.com also appeared on Raid Forums. The hackers behind this data dump claimed that the files contain a complete database of Guns.com along with its source code. They further added that the breach took place somewhere around the end of 2020 and that the data was sold privately, meaning on Telegram channels or dark web forums.

According to the analysis by Hackread.com, the data dump contains substantial gun buyer information, including user IDs, full names, nearly 400,000 email addresses, password hashes, physical addresses, zip codes, city, state, Magento IDs, contact numbers, and account creation dates.

One of the folders in the leaked database includes customers’ bank account details, including full name, bank name, account type, and Dwolla IDs. However, credit card numbers or VCC numbers were not leaked.

The data dump also contains Guns.com login credentials: an Excel file in the database appears to contain sensitive login details for Guns.com, including its administrator’s WordPress, MySQL, and cloud (Azure) credentials. However, it is unclear whether these credentials are current, outdated, or have already been changed by the site’s administrators in the wake of the breach.

This can have a devastating effect on the company, since all admin credentials, including admin emails, passwords, login links, and server addresses, are in plain text. With this kind of sensitive information exposed, a skilled attacker could commit several identity fraud schemes and would be well equipped to target victims with phishing scams or other malicious activity.