Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Gnosticplayers round 3 – 92 Million fresh accounts from 8 unreported security breaches available for sale

Gnosticplayers hacker is offering in a third round a new set of databases containing millions of hacked accounts from unreported data breaches. Last week, the hacker who goes by online with the moniker Gnosticplayers disclosed the existence of some massive unreported data breaches in two rounds. The experts offered for sale the huge trove of data for […]

Gnosticplayers dark web

Gnosticplayers hacker is offering in a third round a new set of databases containing millions of hacked accounts from unreported data breaches.

Last week, the hacker who goes by online with the moniker Gnosticplayers disclosed the existence of some massive unreported data breaches in two rounds. The experts offered for sale the huge trove of data for a limited period of time.

Now the same hacker is offering in a third round a new set of databases containing millions of hacked accounts from several websites, like previous ones Gnosticplayers has been made available for sale on the
Dream Market black marketplace.

Early last week, the seller listed a batch of 620 million accounts coming from 16 breached websites including Dubsmash, Armor Games, 500px, Whitepages, and ShareThis. A few days later, Gnosticplayers offered a new batch of 127 million records originated from eight companies.

On Sunday the expert published a third round containing more than 92 million hacked users’ accounts from 8 new websites, including the GIF hosting platform Gfycat.

According to The Hacker News, this round should be the last one, data were stolen from the following 8 hacked websites:

  • Pizap (Photo editor) — 60 million
  • Jobandtalent (Online job portal) — 11 million
  • Gfycat (GIF hosting service) — 8 million
  • Storybird (Online publishing platform) — 4 million
  • Legendas.tv (Movie streaming site) — 3.8 million
  • Onebip (Mobile payment service) — 2.6 million
  • Classpass (Fitness and Yoga center) — 1.5 million
  • Streeteasy (Real estate) — 990,000 (1 million)
Gnosticplayers dark web

Like previous rounds, the hacker is offering for sale stolen archive individually for a total $9,700 worth of Bitcoin.

This third round appears very concerning because none of the companies listed was aware of the data breach of its systems, this means that threat actors could buy them to target the services and their clients in the next days.

The first two round made available for sale 24 collections containing a total of 747 million stolen user credentials, now additional 92 Million fresh accounts were offered for Sale from 8 unreported security breaches,

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – data breaches, Gnosticplayers)

[adrotate banner="5"]

[adrotate banner=”13″]