U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hackers are offering Equifax data for sale, but they are scammers

It has happened, the information stolen in the recent Equifax data breach is offered for sale on the dark web by crooks, but watch out, they are scammers. Equifax discovered the intrusion on July 29, but only 3 months the agency notified customers the incident (on September 7) that occurred between mid-May and late July. The breach affects […]

equifax hackers

It has happened, the information stolen in the recent Equifax data breach is offered for sale on the dark web by crooks, but watch out, they are scammers.

Equifax discovered the intrusion on July 29, but only 3 months the agency notified customers the incident (on September 7) that occurred between mid-May and late July. The breach affects roughly 143 million U.S. consumers and involves names, social security numbers, dates of birth, addresses and, in some cases, driver’s license numbers, credit card numbers and dispute documents.

Now security experts warn hackers are offering for sale the precious data and warned users to be vigilant on phishing attempts and scams.

The U.S. Federal Trade Commission (FTC) who is investigating the incident issued an alert regarding scam phone calls.

“Ring, ring. “This is Equifax calling to verify your account information.” Stop. Don’t tell them anything. They’re not from Equifax. It’s a scam. Equifax will not call you out of the blue.” states the alert issued by Equifax.

“That’s just one scam you might see after Equifax’s recent data breach. Other calls might try to trick you into giving your personal information.”

Shortly after the Equifax data breach was disclosed, various hackers started offering the data but without demonstrating to possess them.

Many websites appeared on the Tor network, in one case hackers set up a site to blackmail Equifax, they requested the payment of 600 bitcoin (roughly $2.7 million) to avoid the release of all the data, except the credit card numbers.

It was a hoax and once discovered the hackers closed the website.

“Shortly after this breach was made public, a darknet website had popped up claiming to be selling access to the Equifax data. The hackers claim that they did not anticipate receiving such a trove of data, and need to monetize the attack quickly. They state that they will release the entire data set on September 15th, 2017 (one week from the time of the writing). They are asking for 600 BTC, or ~$2.6 million USD.” reported the Weapons Grade Shinanigans.

https://twitter.com/campuscodi/status/906131649821278208

Recently a group calling itself Equihax started a crowdfunding to collect 600 bitcoin or 8,400 Ethereum to release the precious data, the hackers also offered 1 million data entries for 4 bitcoin ($12,500).

equifax hackers

The hackers leaked the records of Donald Trump, Kim Kardashian, and Bill Gates to proof the authenticity of the data and shared many screenshots demonstrating the access to the Equifax system

Also in this case it was a scam and leaked data were already available online, while the screenshots were clearly forged.

It is easy to predict that other scam websites will emerge in the darknet offering the Equifax data.

[adrotate banner=”9″] [adrotate banner=”12″]  

Pierluigi Paganini

(Security Affairs – data breach, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]