Fraud Management & Cybercrime
Flashpoint Reports That Hackers Leaked Users’ Credentials
Maza, a Russian carding and fraud discussion forum, has been breached, and hackers have leaked users’ email addresses and forum credentials, security firm Flashpoint reports.
See Also: Case Study: Live Oak Bank Tackles Cloud Security with Orca Security
Flashpoint, which detected the breach Wednesday evening, says the exposed information includes user IDs; usernames; email addresses; passwords (hashed and obfuscated); Yahoo, MSN and Skype credentials; and other data that could help identify individuals.
A 35-page PDF leaked on the dark web also includes many users’ ICQ numbers, which can be used to connect multiple accounts to the same user across many forums and different nicknames over time, Flashpoint notes.
The hackers might be law enforcement agencies or forum members, Flashpoint says. “We have recently seen some law enforcement successes in this space, and it is possible that the recent increase in broader criminal activity in the cyber landscape gave them an opportunity to conduct this operation against Maza,” Flashpoint tells Information Security Media Group.
“Threats to Maza users are that their contact details are now exposed,” Flashpoint says. “This will enable investigators to initiate or further any investigations targeting their illicit activity and removes a layer of anonymity that these forums have traditionally afforded.”
Maza, an invitation-only…