Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Gnosticplayers round 5 – 65 Million+ fresh accounts from 6 security breaches available for sale

The popular hacker Gnosticplayers made the headlines again, he is offering for sale on the dark web the fifth round of hacked accounts. The popular hacker Gnosticplayers is offering for sale on the dark web the fifth round of hacked accounts. Between February and March, the hacker disclosed the existence of some massive unreported data […]

Gnosticplayers

The popular hacker Gnosticplayers made the headlines again, he is offering for sale on the dark web the fifth round of hacked accounts.

The popular hacker Gnosticplayers is offering for sale on the dark web the fifth round of hacked accounts.

Between February and March, the hacker disclosed the existence of some massive unreported data breaches in four rounds. The experts offered for sale the huge trove of data for a limited period of time, he stole over 932 million user records from 44 companies.

Gnosticplayers in an exclusive conversation with HACKREAD claimed to be a Pakistani citizen, a hacktivist fighting to put a positive image of his country.

In a first round, the seller listed a batch of 620 million accounts coming from 16 breached websites including Dubsmash, Armor Games, 500px, Whitepages, and ShareThis. A few days later, Gnosticplayers offered a new batch of 127 million records originated from eight companies.

The third round contained more than 92 million hacked users’ accounts from 8 new websites, including the GIF hosting platform Gfycat.

In the fourth batch, the hacker offered millions of records stolen from the following websites;

  1. Youthmanual — Indonesian college and career platform — 1.12 million accounts
  2. GameSalad — Online learning platform —1.5 million accounts
  3. Bukalapak — Online Shopping Site — 13 million accounts
  4. Lifebear — Japanese Online Notebook — 3.86 million accounts
  5. EstanteVirtual — Online Bookstore — 5.45 Million accounts
  6. Coubic — Appointment Scheduling — 1.5 million accounts

Now the hacker is offering a new batch of 65.5 million records on the Dream Market underground marketplace, for a grand total of 932 million records.

The list of victims for this round includes six companies: the gaming platform Mindjolt, the online community for shopping Wanelo, the Apple repair center iCracked, the travel company Yanolja, the e-invitations service Evite, and women’s fashion store Moda Operandi.

Gnosticplayers

In an email to ZDNet, Gnosticplayers confirmed that he is offering the new batch for sale for 0.8463 Bitcoin (roughly $4222, 20).

Below the data composing the fifth round:

  • Mindjolt (฿ 0.1008) – 28M – email, full name, birth date, register date, gaming details, no password;
  • Wanelo (฿ 0.159) – 23M – email, username, password (3 million MD5, remaining protected with bcrypt)
  • iCracked (฿ 0.1108) – 1.5M – name, physical address, geo-location details, email, password, and more;
  • Yanolja (฿ 0.1209) – 1.5M – email, MD5 password;
  • Evite (฿ 0.2419) – 10M – full name, country, email, IP address, cleartext password;
  • Moda Operandi (฿ 0.1129) – 1.5M – email, name, password (SHA1), user-agent, IP address, and more;
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, dark web)

[adrotate banner=”5″]

[adrotate banner=”13″]