Tag Archive for: addresses

Hackers post email addresses linked to 200 million Twitter accounts, security researchers say

/in




CNN
 — 

Email addresses linked to more than 200 million Twitter profiles are currently circulating on underground hacker forums, security experts say. The apparent data leak could expose the real-life identities of anonymous Twitter users and make it easier for criminals to hijack Twitter accounts, the experts warned, or even victims’ accounts on other websites.

The trove of leaked records also includes Twitter users’ names, account handles, follower numbers and the dates the accounts were created, according to forum listings reviewed by security researchers and shared with CNN.

“Bad actors have won the jackpot,” said Rafi Mendelsohn, a spokesman for Cyabra, a social media analysis firm focused on identifying disinformation and inauthentic online behavior. “Previously private data such as emails, handles, and creation date can be leveraged to build smarter and more sophisticated hacking, phishing and disinformation campaigns.”

Some reports suggested the data was collected in 2021 through a bug in Twitter’s systems, a flaw the company fixed in 2022 after a separate incident in July involving 5.4 million Twitter accounts alerted the company to the vulnerability.

Troy Hunt, a security researcher, said Thursday that his analysis of the data “found 211,524,284 unique email addresses” that had been leaked. The Washington Post earlier reported a forum listing promoting the data of 235 million accounts.

Hunt did not immediately respond to a question from CNN asking whether the records would be added to his website, haveibeenpwned.com, which allows users to search hacked records to determine if they have been affected. CNN has not independently verified the records’ authenticity.

Twitter didn’t immediately respond to a request for comment. Its communication team, along with roughly half of Twitter’s overall workforce, was gutted after billionaire Elon Musk completed his acquisition the company in late October. The significant staff reductions could now add to concerns about the company’s ability to respond to…

Source…

Twitter: Millions of users' email addresses 'stolen' in data hack

/in



Early indications are that at least some of the sample data the criminal is offering is real, and three Twitter users have confirmed to me that their leaked email addresses are re …

Source…

International Law Enforcement Partnership Takes Down Russian Botnet; Illicit Proxy Service Had Been Selling Hacked IP Addresses

/in


The US Department of Justice (DOJ), in partnership with law enforcement agencies from several European countries, has taken down a major Russian botnet that had compromised millions of devices worldwide. The botnet was essentially functioning as an underground proxy service provider for criminals, allowing for rental of the IP addresses attached to its collection of hacked IoT devices, Android phones and computers.

Russian botnet rented access to thousands of proxies for as little as $30 per day

RSOCKS is a Russian botnet that has been active since at least 2014, the first point at which its handlers began to advertise it openly on underground forums in the country. Over the years the botnet has amassed millions of devices in its collection, first focusing on compromising poorly secured Internet of Things (IoT) devices but soon moving on to include Android phones/tablets and even computers.

Illicit actors rented access to RSOCKS as a proxy service, primarily for the purpose of brute force / password guessing login campaigns, disguising the sources of traffic for phishing campaigns, and distributed denial of service (DDoS) attacks. This was as simple as accessing a dark web storefront that allowed rental of varying amounts of proxies by the day, ranging in price from $30 for 2,000 to $200 for 90,000.

Tom Garrubba (Risk, Cyber, and Privacy Executive, Shared Assessments) expands on the risk that these bogus proxy services present, and why takedowns of the ones of the magnitude of the Russian botnet are a major cybersecurity win: “It is great to see that law enforcement is making progress towards taking down these large botnets as of late. Botnets are so dangerous because they control large swaths of vulnerable computer systems at a scale unlike any other attack. Those infected computer pools can then be pointed at legitimate resources and cause havoc. Botnets can perform very disruptive attacks like Distributed Denial of Service or large-scale vulnerability exploitation to sell to initial access brokers who will later lend that access to ransomware gangs.”

There are legitimate proxy services in the world, but they cut off customers for engaging in the sort of cyber criminal…

Source…

7 million Robinhood Customer Email Addresses Available for Sale

/in


A famous hacking forum and marketplace is selling the personal information of about 7 million Robinhood users who were exposed in a recent data breach.

Last week, Robinhood announced a data breach after one of its employees was compromised, and the attacker utilized their account to gain access to the personal data of around 7 million customers via customer support systems.

 Late in the evening of November 3, we experienced a data security incident. An unauthorized third party obtained access to a limited amount of personal information for a portion of our customers. Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident.

The unauthorized party socially engineered a customer support employee by phone and obtained access to certain customer support systems. At this time, we understand that the unauthorized party obtained a list of email addresses for approximately five million people, and full names for a different group of approximately two million people.

We also believe that for a more limited number of people—approximately 310 in total—additional personal information, including name, date of birth, and zip code, was exposed, with a subset of approximately 10 customers having more extensive account details revealed. We are in the process of making appropriate disclosures to affected people.

Source

Robinhood is an American financial services firm based in Menlo Park, California. It is best known for offering commission-free stock, ETF, and cryptocurrency trading via a mobile app launched in March 2015.

Private Data Belonging to Robinhood Sold Online

Following the Robinhood data breach disclosure, a cybercriminal known as pompompurin’ posted on a hacking forum that the stolen information is available for sale.

The threat actor declared that he was selling stolen data belonging to Robinhood customers for at least five figures, which is $10,000 or more.

Threat actor selling the stolen Robinhood data

Source

The company did not reveal the theft of ID cards at first, and the attacker declares to have downloaded them from…

Source…