A hacker who has previously sold sensitive information of more than 800 million users in the dark web has once again opened a fourth franchise of the data that he/they illegally collected from different corporations with weak cybersecurity protocols.
The hacker or hacker group named Gnosticplayers has put up for sale the data from six different companies, totaling to 26.42 million user data and records, for which he is exchanging to anyone who can pay him/they with 1.2431 bitcoin ($4,940.00).
Since February 11, the hacker/group has put up data for sale of more than 32 companies on Dream Market, a dark web marketplace. Today, the hacker published a new batch of files from six new companies such as the game dev platform, GameSalad, Brazilian book store, Estante Virtual, online task manager and scheduling apps, Coubic and LifeBear, Indonesia e-commerce giant Bukalapak, and Indonesian student career site, YouthManual.
The data from the popular game development platform, GameSalad, that was hacked last February 2019 includes email addresses, passwords (SHA1/SHA256), username, and IP addresses of users. Similarly the Brazilian book shop, Estante Virtual includes names, username, passwords (SHA1), address, emails, and phone number. Similarly, the hacker/s is/are also selling data from Coubic, scheduling software that includes name, email, and passwords, as well as from LifeBear, a Japanese scheduling app. Furthermore, the hacked data from Bualapak, an Indonesian e-commerce website that was hacked since July 2017 that includes usernames, names, email addresses, password hashes (SHA512+salt), shopping details, and IP address. Lastly, the on-sale data also include hacked names, emails, password hashes, hobbies, and education details of users from the Indonesian youth and career site, YouthManual.
Many of the companies that Gnosticplayers put up for sale in the previous rounds of the auction have already reported and confirmed that their servers had been breached and data have been taken. Coubic, the scheduling software whose hacked data are included in the latest round of hacked data sale have said that their company is already investigating the supposed incident.
It is also interesting to note that most of the data that Gnosticplayers were illegally taken only just last month, February 2019, during a series of hacks that have infiltrated the servers of the said companies.
COMPANIES ARE TO BLAME
According to the hacker/s, the main reason that the data are on sale right now is that the said companies have failed to protect their own data and passwords with robust encryption algorithms like bcrypt.
According to Gnosticplayers, most of the hash passwords that they have put on sale today can be cracked with various levels of difficulty – but they can be broken.
“I get upset because I feel no one is learning,” the hacker said to Catalyn Cimpanu, ZDNet’s tech correspondent, through an online chat today. “I just felt upset at this particular moment, because seeing this lack of security in 2019 is making me angry.”
Previously, the hackers have said in an interview that they are planning to sell more than one billion worth of data and disappear with the money then retire and disappear with the money.
According to Cimpanu, “the hacker says this is not his target anymore, as he learned that other hackers have already achieved the same goal before him.”
The hackers also revealed that they had not released all the data that they have hacked from other companies because he and the companies have come with an agreement and a certain amount.
“I came to an agreement with some companies, but the concerned startups won’t see their data for sale,” he said. ” I did it; that’s why I can’t publish the rest of my databases or even name them.”
WORLD’S GROWING CYBERSECURITY PROBLEM
According to Victor Gevers, a cybersecurity expert who discovered multib=ple unprotected databases online, many databases are available for public consumption even to those that have only basic hacking and computer skills. These databases contain information that is similar to other vulnerable databases that he and his team have uncovered in the past.
While organizations like GDI.Foundation is uncovering these databases and reporting them as they discover them, it is still unsafe for Chinese people when these data go out in public. It’s very indicative of the poor cyber security protocol that exists in the world as someone from the United States can retrieve data from anywhere; anyone with adept knowledge in database search can do so too.
Yesterday, Gevers also discovered two more databases that appear to have similar code scheme as the ‘BreedReady’ database. He postulates that the three databases he recently uncovered were all related to each other and that he was able to trace the two new databases to a university in China. He said that these databases could be a student project that was left unprotected. /apr