Hackers leak hacker data at Swarmshop Breach

There is no honor among cyber thieves. The possibility of accessing new hacking tools and other valuable assets seems to be too profitable for some hackers to respect their criminal opponents. This is the second user data in a year or so. hacker User data – from Swarmshop card shop Leaked online.

According to Group-IB researchers, hackers leaked data from Swarmshop, known as “a medium-sized” neighborhood “store for stolen personal and payment records,” in another underground forum. It’s been found leak. The database contained 12,344 records for card shop administrators, sellers, and buyers, including data such as nicknames, contact information, activity history, hashed passwords, and current balances. Group-IB has deposited a total of just over $ 18 million in all accounts, as card shop users “do not save large amounts of money in their accounts, but replenish their balances and make payments as needed.” Said not.

“Honor among thieves” is a Hollywood myth

Netenrich’s CISO, Chris Morales, said the honor among the thieves was “Hollywood myth.” “Beyond the usual commercial attack motives we focus on most often, the ego is still very motivated,” he added.

Among other published information was traded at Swarmshop, including 623,036 payment card records from various banks in the United States, Canada, the United Kingdom, China and other countries, and 498 sets of credentials for online bank accounts. There was infringing data. The database also leaked 69,592 sets of Social Security numbers and Canadian insurance numbers.

Naveen Sunkavally, Chief Architect of Horizon 3.ai, is more interested in the proliferation of user credit card information and online banking credentials than hackers getting the information themselves. “Attackers can use these credentials against a variety of systems and look like legitimate users, so they rarely trigger security events,” says Sunkavally. “In the end, the biggest losers are regular users.”

The cause of the breach is not clear, but after reviewing the published records, two of the card shop users tried to insert a malicious script that searches for website vulnerabilities in the contact information field. “It became clear, the researchers said. Still, they said it was impossible to see if these two attempts were related to the breach.

Researchers know about the incident that “newly registered users posted links and passwords to Swarmshop card shop databases on various forums,” card shop managers said last year. I came to claim that it wasn’t. violation. They recommended that Swarmshop users change their passwords after news of the breach was reported. “One week after posting, Swarmshop users were redirected to the” under maintenance “page when they tried to log in,” Group-IB said. “At the same time, card shop users reported problems with their account balances.”

Hack other hackers

According to Group-IB, it’s nothing new for hackers to hack their peers. Swarmshop records were leaked in an underground forum in January 2020. In that case, the user may have been motivated to take revenge. Researchers have suggested that this latest breach may also have been motivated by revenge.

Successful hacking by other hackers will give you a lucrative bounty. “There is no better way to access new hacking tools, dumps, cards, personal information (PII) and other valuable items than hacking people who are stealing it in the first place,” said JupiterOne’s CMO. One Tyler Shields says.

Card shops are rarely compromised, and the incident could cast a shadow over Swarmshop’s reputation, which may involve legal corporate CISOs and cybersecurity experts, at least for the foreseeable future. there is. As Shield said, whether it evokes spots of empathy or just cold comfort, cybercriminals “have security problems like everyone else. Cybersecurity It just shows that no matter who you are, it’s a difficult problem. “