Tag Archive for: allegedly

Data of 3.5 m MobiKwik users allegedly hacked


Personal details of 3.5 million MobiKwik users seem to have been leaked, according to independent cybersecurity researchers. The Gurugram-based fintech platform, however, denied any breach, saying its user and company data are completely safe and secure.

The breach was flagged by French cybersecurity researcher Elliot Alderson in a tweet on Monday. “Probably, the largest KYC data leak in history. Congrats MobiKwik,” he tweeted with a screenshot of the data leak. “This database is 8.2TB and contains 36,099,759 files,” the screenshot showed, adding that it contained KYC data of nearly 3.5 million people. It is reported to be up for sale on the Dark Web.

In a statement, MobiKwik said, “Some media-crazed so-called security researchers have repeatedly attempted to present concocted files wasting precious time of our organisation as well as members of the media. We thoroughly investigated and did not find any security lapses. Our user and company data is completely safe and secure.”

The breach was initially flagged by Internet security researcher Rajshekhar Rajaharia in early March. In a tweet on March 4, he had said that this leak involves 11 crore Indian cardholders’ data, which were allegedly leaked from a MobiKwik server. Some users also confirmed that their data were available online.

“All my details including name, address, bank account details are there on the link shared by the independent researcher,” said a Chennai-based MobiKwik user. The allegation of a data breach comes even as MobiKwik is reportedly targeting an initial public offering before September to raise $200-250 million.

Data breach on the rise

The number of data breaches in India has been rising over the last two years. In November, BigBasket had filed a complaint with the Cyber Crime Cell in Bengaluru to verify claims made by cybersecurity intelligence firm Cyble that a hacker had put up the online grocer’s user data for sale on the Dark Web for over $40,000. In May, Edutech startup Unacademy had also disclosed a data breach that compromised the accounts of 22 million users.

According to the national cybersecurity agency, cyber attacks have surged from 53,117 in 2017 to 208,456 in 2018, 394,499…


Hackers allegedly leak data of 9.9 crore Mobikwik users in India, company rejects claim






© Provided by Firstpost

Hackers have leaked data such as mobile phone numbers, bank account details, email addresses, and credit card numbers of 9.9 crore Indians, allegedly Mobikwik users, a claim the digital payments company has strongly denied. The disclosure about the data leak was made by cybersecurity analyst Rajashekhar Rajaharia, who has also written to the Reserve Bank of India, the Indian Computer Emergency Response Team, PCI Standards, and payment technology firms, etc.

A hacker group by the name of Jordandaven emailed the link of the database to PTI and said that they do not have any intention of using the data except to get money from the company and delete it from their end.

Jordandaven shared the data of Mobikwik founder Bipin Preet Singh and Mobikwik CEO Upasana Taku from the database.

When contacted, Mobikwik denied the claim.

The company’s spokesperson said that as a regulated entity, it takes data security very seriously and is fully compliant with applicable data security laws.

“The company is subjected to stringent compliance measures under its PCI-DSS and ISO Certifications which includes annual security audits and quarterly penetration tests to ensure the security of its platform. As soon as this matter was reported, the company undertook a thorough investigation with the help of external security experts and did not find any evidence of a breach,” the Mobikwik spokesperson said.

Hackers maintained that the database is of Mobikwik and uploaded several pictures of Mobikwik QR code along with documents used for ‘Know Your Customer’ compliance mainly the Aadhaar and PAN card.

Mobikwik said that it is closely working with requisite authorities on this matter, and considering the seriousness of the allegations will get a third party to conduct a forensic data security…


CD Projekt’s stolen source code allegedly sold by ransomware gang



A ransomware gang who says they stole unencrypted source code for the company’s most popular games and then encrypted CD Projekt’s servers claims to have sold the data.

This past Tuesday, game developer CD Projekt Red disclosed that they suffered a ransomware attack that encrypted devices on their network.

In a ransom note left behind on encrypted systems, the attackers claim to have stolen the source code for Cyberpunk 2077, Witcher 3, Gwent, and an unreleased version of Witcher 3.

The attackers also state that they stole administration, accounting, human resources, and investor relations documents before deploying the ransomware.

CD Projekt Red ransom note

From the company’s ransom note, security researchers were able to determine that the HelloKitty ransomware was used in the attack.

Ransomware gang says they sold CD Projekt’s data

After CD Projekt announced that they would not be paying the ransom, a threat actor named ‘redengine’ created an auction for the stolen data on a hacker forum.

This data allegedly includes the source code for Thronebreaker, Witcher 3, an unreleased Witcher 3 with raytracing, and Cyberpunk 2077. The hackers also state that it would include “dumps of internal documents” and “CD Projekt RED offenses.”

Auction on a hacker forum

The auction started at $1 million, and bids were in $500,000 increments. For those who wanted to buy it immediately, the threat actors also included a buy now, or blitz, price of $7 million.

The threat actor further posted that the data contains violations that will ruin the reputation of CDPR.

Post by redengine on a hacker forum

The next day, cybersecurity intelligence company KELA told BleepingComputer that the ransomware gang posted that they sold the data to someone “outside the forum.”

As the terms of the sale required the threat actors to no longer distribute the data, they subsequently closed the auction.

Hackers claim to have sold the data

At this time, there is no proof that the threat actors sold the data.

Who would purchase the data?

There has been a lot of speculation about who would purchase this data, ranging from competitors wanting to analyze CDPR’s code for corporate secrets to CDPR buying it…


What Is SIM-Swapping? Hackers Allegedly Stole $100m in Cryptocurrency From Celebrities


Eight men suspected of stealing over $100 million worth of cryptocurrencies from internet influencers, sport stars and musicians were arrested on Tuesday following a year-long investigation by multiple policing authorities.





© PHILIPPE HUGUEN/AFP/Getty
A picture taken on February 27, 2015 in Lille, northern France, shows cellphone SIM cards.

The cybercriminal gang was dismantled this week after members targeted “thousands” of victims in the U.S. last year via “SIM-swapping” attacks, which are used to infiltrate mobile apps or online accounts by abusing a smartphone’s phone number.


The European law enforcement agency Europol said a probe was launched last spring and uncovered a network of around a dozen coordinated criminals.

In a “SIM-swap” scheme, criminals can intercept sensitive information by taking over a victim’s phone number associated with their device’s SIM card. They deactivate the SIM card and port its number to a new one controlled by a member of the gang.

Experts say the swapping process is often done by a hacker impersonating the owner and contacting the phone service provider to request the change. It is also aided by phishing attacks to obtain personal information, or corrupt insiders.

Broadly, after gaining control over the number, hackers can change passwords of apps and be sent codes needed to reset account credentials. After changing the codes, the criminals have access to online banking, email and social media profiles.

“This enabled them to steal money, cryptocurrencies and personal information, including contacts synced with online accounts. They also hijacked social media accounts to post content and send messages masquerading as the victim,” Europol said.

The identities of the victims were not released. Europol said additional members of the gang were recently detained in Malta and Belgium. The policing agency urged anyone concerned about the hack not to link their phone number to online accounts.

The National Crime Agency (NCA), which led the U.K.-side investigation into the attacks, said the arrested men were aged between 18 and 26 and had been detained in England and Scotland. Like Europol, it did not reveal the…
