Popular apps like Dubsmash and MyFitnessPal were among 16 businesses hit by a hacker – leading to the theft of 617 million account details.
The hacker has since put the data up for sale for $20,000 in Bitcoin, according to The Register.
The stolen data can be bought at the Dream Market, a dark web marketplace located in the Tor network.
The account details were stolen from Dubsmash (162 million), MyFitnessPal (151 million), MyHeritage (92 million), ShareThis (41 million), HauteLook (28 million), and Animoto (25 million).
Also hit were EyeEm, 8fit, Whitepages, Fotolog, 500px , Armor Games, BookMate, CoffeeMeetsBagel, Artsy, and DataCamp.
The data would be valuable to other hackers, spammers, and blackmailers.
Although the passwords in the data are encrypted, the buyer could decode the weaker passwords and then try to use the email address to log into email and social media accounts.
There is no financial data in the stolen profiles.
The seller told The Register the Dubsmash user details were bought by at least one customer.
Cybercriminals are trawling social media for victims to blackmail for Bitcoin – including threatening to expose them watching porn.
They claim to have evidence and use previously exposed passwords as “proof” of compromise.
A gang of ‘sextortionists’ targeted 89,000 people on sites including LinkedIn, according to UK cybersecurity firm Digital Shadows.
They are believed to have raised nearly £255,000 across 92 Bitcoin addresses, reports the Express.
Sextortion-based email campaigns seek to extort victims by threatening to publicly embarrass them for engaging in a sexually explicit act.
Las Vegas, US, 1st November 2024, Chainwire
From digital art to real-estate assets, NFTs have become a significant attraction for investors who…
Singapore, Singapore, 21st October 2024, Chainwire
HO CHI MINH, Vietnam, 17th October 2024, Chainwire
London, UK, 16th October 2024, Chainwire
Sinagpore, Singapore, 16th October 2024, Chainwire