Tag Archive for: Sell

Roku Suffers Data Breach, Hackers Sell Credentials of Hundreds of 15,000 Stolen Accounts

/in


Streaming platform Roku officially discloses hackers have successfully breached its systems to steal more than 15,000 customer accounts containing sensitive information. Hundreds of the accounts are reportedly being sold online as the breach has given hackers access to the owner’s stored credit card information to make illegal purchases.

With over 80 million active users, the firm reportedly disclosed the hack on Friday in documents it filed with the attorneys general of Maine and California. Fifteen thousand three hundred sixty-three accounts were compromised between December 28, 2023, and February 21, 2024, according to the papers.

The documents show that hackers gained access to the accounts by obtaining login credentials from other sources, instead of getting into Roku’s system. Using a hacking technique called a credential stuffing assault, threat actors gather credentials that have been made public in past data breaches and then try to use them to access other websites.  

DNA Testing Companies Adopt Two-Factor Authentication in Response to 23andMe Data Breach

(Photo : THOMAS SAMSON/AFP via Getty Images)
An agent of the operational center of the French National Cybersecurity Agency (ANSSI) checks datas on a computer in Paris on November 24, 2022.

According to the firm, once an account was compromised, threat actors were able to alter all of the user’s data, including passwords, email addresses, and shipping addresses.

Roku clarified, however, that the unauthorized actors who gained access to the impacted Roku accounts did not have dates of birth, social security numbers, complete payment account numbers, or any other kind of sensitive personal information that needed to be disclosed.  

This essentially locked the user out of the account, enabling threat actors to utilize the saved credit card information to make transactions without sending order confirmation emails to the actual account holder.

According to BleepingComputer, several threat actors are employing the Open Bullet 2 or SilverBullet cracking tools to carry out credential-stuffing assaults. With the help of these apps, hackers can import custom configuration files made specifically to carry out credential-stuffing attacks against particular…

Source…

Sony Investigating After Hackers Offer to Sell Stolen Data

/in


Sony has launched an investigation after a cybercrime group claimed to have compromised the company’s systems, offering to sell stolen data.  

A representative of the Japanese electronics and entertainment giant told SecurityWeek that it’s currently investigating the situation and has no further comments at this time. 

The probe was launched after a relatively new ransomware group named RansomedVC listed Sony on its Tor-based website, claiming to have compromised all Sony systems. 

“We won’t ransom them,” the hackers said. “We will sell the data due to Sony not wanting to pay. Data is for sale.” 

The cybercriminals have provided several files in an effort to demonstrate their claims, including some Java files and screenshots apparently showing access to source code and applications associated with Sony’s Creators Cloud media production solution. 

One leaked file, a PowerPoint slideshow, is marked ‘confidential’ and appears to be from Sony’s quality department, but it’s dated 2017. 

A majority of the leaked files seem to originate from servers associated with Creators Cloud and the hackers have not provided evidence that all Sony systems have been compromised. It’s not uncommon for these types of cybercrime groups to make exaggerated claims. 

Threat intelligence group VX-Underground reported on X (formerly Twitter) that the cybercriminals did not deploy file-encypting ransomware or steal any corporate data. They allegedly exfiltrated data from Jenkins, SVN, SonarQube, and Creator Cloud development systems. 

Advertisement. Scroll to continue reading.

The RansomedVC group’s website currently lists nearly 40 victims, with ransom demands ranging between a few thousand dollars and $1 million, depending on the targeted organization’s size and revenue. The group announced its first victim in early 2023. 

On the same day it announced Sony as a target, RansomedVC also listed Japanese mobile phone operator NTT Docomo as a victim on its website.

The gang claims they do not target Russian and Ukrainian organizations as most of its members are from these countries. 

Cybersecurity firm Flashpoint described RansomedVC’s activities in August, pointing…

Source…

Data breach at Social Blade confirmed. Hacker offers to sell database on underground website

/in


Social media analytics service Social Blade has confirmed that it is investigating a security breach after a hacker offered its user database for sale on an underground criminal website.

In a notification sent to Social Blade users, the firm said that it had confirmed that its database was being offered for sale on a hacking forum after being notified of a potential breach on December 14th.

According to Bleeping Computer, Social Blade’s data was first put on sale on the underground forum on December 12, 2022.

The hacker, meanwhile, claims to have stolen the database of 5.6 million records in September.

Social Blade, which monitors the social media accounts of tens of millions of users, issued a reassurance that no credit card information had been leaked, but did say that the leaked data included email addresses, IP addresses, password hashes, client IDs and tokens for business API users, auth tokens for connected accounts, and “many other pieces of non-personal and internal data.”

In addition, the firm warned that “a very small subset of the data (about a tenth of a percent)”” also included the addresses of users.

Social Blade went on to say that although password hashes had been leaked, it did not believe they were at risk as the strong bcrypt encryption algorithm had been used. Nonetheless, it would be sensible for affected Social Blade users to change their passwords, ensuring that new passwords are hard-to-crack or guess, and are unique.

Business API tokens have meanwhile been reset to prevent exploitation by unauthorised third parties.

Social Blade believes that the individual who stole its data accessed it by exploiting a website vulnerability. It says it has closed the security hole and is conducting additional reviews of its systems to ensure that security is further hardened.

Anyone who has used Social Blade would be wise to not only change their password but also to be on the lookout for scams and phishing attacks which attempt to use the breached information to trick the unwary into handing over further details.

Source…

Hacker who stole Ed Sheeran’s unreleased music to sell for crypto gets 18-month jail term in the UK

/in


A hacker who illegally accessed cloud-based accounts of 89 artists — including Ed Sheeran and Lil Uzi Vert — and sold their unreleased music on the dark web in exchange for cryptocurrency was sentenced to 18 months in jail.

Adrian Kwiatkowski of Hampton Road, Ipswich, was found guilty of obtaining unreleased and unfinished material from the said accounts and made £131,000 ($148,000), according to the City of London Police on Friday (October 21).

The 23-year-old hacker pleaded guilty to 14 copyright offenses, three counts of computer misuse and three offences under the Proceeds of Crime Act at the Ipswich Magistrates Court on August 27.

Most recently, he was sentenced to 18 months in jail at Ipswich Crown Court.

“Kwiatkowski was a highly skilled individual who unfortunately saw potential in using his abilities unlawfully. Not only did he cause several artists and their production companies significant financial harm, he deprived them of the ability to release their own work,” Detective Constable Daryl Fryatt from City of London Police’s Police Intellectual Property Crime Unit (PIPCU) said.

Added Detective Constable Fryatt: “This investigation is an excellent example of the way PIPCU and its partner agencies work across international borders to identify those involved in criminal activity. Kwiatkowski will now face the consequences of his actions, and I hope this result will also make his customers refrain from purchasing illegal content again.”

The sentence marks the culmination of a yearslong investigation into Kwiatkowski, which began when the management companies of several musicians reported that the hacker, known online as Spirdark, gained access to a series of accounts and sold unreleased music online.

The Manhattan District Attorney’s Office launched the investigation in 2019. The probe managed to track Spirdark’s cryptocurrency account, as well as the IP address of the device used to hack one of the accounts as his home address.

Kwiatkowski was then arrested on September 12, 2019 following further investigation and seven of his devices including a hard drive containing 1,263 unreleased songs by 89 artists were uncovered. About £64,000 worth of Bitcoin was also…

Source…