Security company identifies hacker behind the Collection #1 leak as Collections #2-5 become public




The threat intelligence team at Recorded Future, an American firm specializing in cyber security, claims to have identified the hacker who collected and then sold a huge collection of email addresses and passwords known as Collection #1.

The company's experts believe that a hacker using the pseudonym "C0rpz" is the person who has rigorously and meticulously collected billions of user records over the past three years. This includes records from companies that had already been hacked and whose data had been published or sold online.

Recorded Future says that C0rpz is responsible for assembling and selling not only Collection #1, a data trove of 773 million unique email addresses and a little under 22 million unique passwords that made headlines early in the year, but many other data collections as well.

The researchers say Collection #1 was part of a larger set containing seven other "collections" in total.

  • "ANTIPUBLIC # 1" (102.04 GB)
  • "AP MYR & ZABUGOR # 2" (19.49 GB)
  • "Collection No. 1" (87.18 GB)
  • "Collection No. 2" (528.50 GB)
  • "Collection No. 3" (37.18 GB)
  • "Collection No. 4" (178.58 GB)
  • "Collection No. 5" (40.56 GB)

Of the seven, the AntiPublic collection had already leaked online and had been shared among hackers since April 2017. The rest appeared to be new items, which had not been seen online before this month.

The larger collection of breached data, including the recent "Collection No. 1", was leaked online in its entirety earlier today.

Leaked on the same forum where the Collection #1 data was published.

Good hunt! pic.twitter.com/fMN2GiTAY6

– Catalin Cimpanu (@campuscodi) January 18, 2019

In total, these databases appear to contain more than 3.5 billion user records, in combinations such as email addresses and passwords, usernames and passwords, and cell phone numbers and passwords.

Recorded Future says that C0rpz sold this data to other hackers, who are now distributing it for free via the MEGA online sharing portal and via torrent links.

Among the hackers who bought this data from C0rpz are Sanix, another hacker first identified by infosec journalist Brian Krebs as the source of Collection #1, and Clorox, the person who originally shared Collection #1 for free on Raid Forums at the beginning of the month, inadvertently exposing this huge trove of data to researchers and security journalists.

"None of the three players has been on our radar," Andrei Barysevich, director of Advanced Collection at Recorded Future, told ZDNet in an email today. "However, we found an earlier online footprint on all players, which does not suggest that these actors are sophisticated."

Barysevich also told ZDNet that his team has found "no evidence" that the three named individuals, including C0rpz, are hackers responsible for actual breaches at any company.

"We think they just aggregated the data over time," Barysevich told us.

But the experts at Recorded Future are not 100% sure of the attribution of these data collections to C0rpz; no attribution involving self-aggrandizement and malicious hacking can ever really be 100%. The experts are also studying another possible source of the leaks, which they have not yet named.

"On January 10, 2019, an actor from a famous Russian-speaking hacker forum released a magnet link and a direct download link to a database containing 100 billion user accounts hosted on a personal website," Recorded Future said in a report published earlier today. "The following week, the actor clarified that the data dump referenced in Troy Hunt's [Collection #1] article was also included in their dump."

To be fair, it does not matter in the end who assembled, sold or shared this data. All of this data has been available for years. The difference is that in the past, it was shared in individual packages, by site of origin.

Data hoarders (hackers who have collected data from hacked sites) now tend to bundle these smaller leaks and breaches into gigantic packages.

This has become a trend because more and more businesses are being hacked and the value of individual leaks has become smaller. The data vendors have adapted and started to merge the leaks to continue generating profits.

It is likely that hundreds of similar mega-packages are being shared on hacking forums out of the public eye as we speak, but they are not yet publicly known.

Eventually, they will be. When this happens, cybercrime groups collect these cumulative leaks, extract new user records they do not already have, and use this information to spam our inboxes, attempt brute-force attacks against our online accounts or, worse yet, commit extortion or financial fraud.

It is likely that most of our data has already been disclosed online. All we, as users, can do is protect our accounts with strong, unique passwords per site, enable multi-factor authentication whenever possible, and avoid entrusting our data to any company that requests our information without a good reason.

Now, if we could only get reporters to stop blowing these "collections" out of proportion whenever one of them surfaces online.
