Security Affairs
Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Data of over a million users of the crypto exchange GokuMarket exposed

GokuMarket, a centralized crypto exchange owned by ByteX, left an open instance, revealing the details of virtually all of its users, the Cybernews research team has discovered. The leak comes after the team discovered an unprotected MongoDB instance, which stored information on GokuMarket crypto exchange users. Businesses employ MongoDB to organize and store large swaths […]

GokuMarket

GokuMarket, a centralized crypto exchange owned by ByteX, left an open instance, revealing the details of virtually all of its users, the Cybernews research team has discovered.

The leak comes after the team discovered an unprotected MongoDB instance, which stored information on GokuMarket crypto exchange users.

Businesses employ MongoDB to organize and store large swaths of document-oriented information, and in GokuMarket’s case, the details of over a million customers and admin users.

GokuMarket, a cryptocurrency exchange, was recently acquired by Canada-based crypto exchange ByteX. The move came after GokuMarket, which had around a million users at the time, almost went bankrupt after denying users a withdrawal option in mid-2022, a disastrous year for crypto.

GokuMarket’s exposed database was discovered in October 2023 and secured the next day after researchers sent a responsible disclosure note.

However, the database was exposed to the web for some time, which means anyone could have accessed it. Meanwhile, the open instance held a trove of sensitive data on over a million users. The data included:

  • User IP
  • Country
  • Email addresses
  • Encrypted passwords
  • User crypto wallet addresses
  • Dates of birth
  • First and last names
  • Mobile numbers
GokuMarket

The researchers believe that there’s more than enough information for a persistent attacker to develop a spear-phishing campaign, which would likely aim to drain the user’s crypto funds.

Additionally, the team discovered that the database held 35 accounts with full-admin access, including private Telegram channel IDs, exchange platform secret tokens, passwords, and other extremely sensitive information.

While individual user data may be exploited to target exposed users on other platforms through credential stuffing attacks, admin access details open up far nastier cans of worms, with attackers gaining the ability to scam en-masse, with the risk of unauthorized fund transfer.

Do you want to know more about the impact of this data leak? Take a look at the original post:

https://cybernews.com/security/gokumarket-user-data-leak/

About the author: Vilius Petkauskas, Deputy Editor at @CyberNews

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, GokuMarket)