Hackers leak hacker data at Swarmshop Breach
There is no honor among cyber thieves. The possibility of accessing new hacking tools and other valuable assets seems to be too profitable for some hackers to respect their criminal opponents. This is the second user data in a year or so. hacker User data – from Swarmshop card shop Leaked online.
According to Group-IB researchers, hackers leaked data from
Swarmshop, known as “a medium-sized” neighborhood “store for stolen personal
and payment records,” in another underground forum. It’s been found leak. The
database contained 12,344 records for card shop administrators, sellers, and
buyers, including data such as nicknames, contact information, activity
history, hashed passwords, and current balances. Group-IB has deposited a total
of just over $ 18 million in all accounts, as card shop users “do not save
large amounts of money in their accounts, but replenish their balances and make
payments as needed.” Said not.
“Honor among thieves” is a Hollywood myth
Netenrich’s CISO, Chris Morales, said the honor among the
thieves was “Hollywood myth.” “Beyond the usual commercial attack motives we
focus on most often, the ego is still very motivated,” he added.
Among other published information was traded at Swarmshop,
including 623,036 payment card records from various banks in the United States,
Canada, the United Kingdom, China and other countries, and 498 sets of
credentials for online bank accounts. There was infringing data. The database
also leaked 69,592 sets of Social Security numbers and Canadian insurance
numbers.
Naveen Sunkavally, Chief Architect of Horizon 3.ai, is more
interested in the proliferation of user credit card information and online
banking credentials than hackers getting the information themselves. “Attackers
can use these credentials against a variety of systems and look like legitimate
users, so they rarely trigger security events,” says Sunkavally. “In the end,
the biggest losers are regular users.”
The cause of the breach is not clear, but after reviewing
the published records, two of the card shop users tried to insert a malicious
script that searches for website vulnerabilities in the contact information
field. “It became clear, the researchers said. Still, they said it was
impossible to see if these two attempts were related to the breach.
Researchers know about the incident that “newly registered
users posted links and passwords to Swarmshop card shop databases on various
forums,” card shop managers said last year. I came to claim that it wasn’t.
violation. They recommended that Swarmshop users change their passwords after news
of the breach was reported. “One week after posting, Swarmshop users were
redirected to the” under maintenance “page when they tried to log in,” Group-IB
said. “At the same time, card shop users reported problems with their account
balances.”
Hack other hackers
According to Group-IB, it’s nothing new for hackers to hack
their peers. Swarmshop records were leaked in an underground forum in January
2020. In that case, the user may have been motivated to take revenge.
Researchers have suggested that this latest breach may also have been motivated
by revenge.
Successful hacking by other hackers will give you a
lucrative bounty. “There is no better way to access new hacking tools, dumps,
cards, personal information (PII) and other valuable items than hacking people
who are stealing it in the first place,” said JupiterOne’s CMO. One Tyler
Shields says.
Card shops are rarely compromised, and the incident could
cast a shadow over Swarmshop’s reputation, which may involve legal corporate
CISOs and cybersecurity experts, at least for the foreseeable future. there is.
As Shield said, whether it evokes spots of empathy or just cold comfort,
cybercriminals “have security problems like everyone else. Cybersecurity It
just shows that no matter who you are, it’s a difficult problem. “
Comments
Post a Comment