In Darknet, a hacker offers nearly 617 million accounts for sale. They come from different websites. Some of them did not know that they had been hacked.
A stranger in Darknet sells account information from 16 hacked websites. The database contains about 617 million user accounts. The database itself is several gigabytes in size. This reports “The Register”.
According to the page, the data is sold on the black market page “Dream Market”. This can only be reached via the Tor network. The stranger calls for the database nearly $ 20,000 in Bitcoin .
From these pages comes the data
According to “The Register”, the data comes from the following pages. The number in parenthesis represents the number of user accounts affected:
- Dubsmash (162 million)
- MyFitnessPal (151 million)
- MyHeritage (92 million)
- ShareThis (41 million)
- HauteLook (28 million)
- Animoto (25 million)
- EyeEm (22 million)
- 8fit (20 million)
- White Pages (18 million)
- Fotolog (16 million)
- 500px (15 million)
- Armor Games (11 million)
- BookMate (8 million)
- CoffeeMeetsBail (6 million)
- Artsy (1 million)
- DataCamp (700,000)
According to “heise online” the hack of some pages in the list was previously unknown – for example, the photo community “500px”.
“The Register” has checked the data for authenticity by random sampling. The data consists mainly of log-in name, password and an e-mail address. Some also contain information such as the location or personal details.
Passwords (bad) secured
The passwords should be encrypted, so they are not in clear text. However, some sites used the unsafe MD5 method. Hackers can decrypt the password and try to log into the associated email account. That would be a realistic scenario as many users use the same password on different pages. In the mail account hackers would have access to further information of the affected user.
The seller of the data said to “The Register” that his goal was “to make life easier for hackers”. In addition, he wanted to earn money and make Internet users aware of their data better protected. According to his statements, he still has over 20 databases with just under a billion accounts. According to the hacker, at least one person has already bought the data for Dubsmash.
Here you can check if your data has become the victim of a hack
Internet users should regularly check if your data has become a victim of a leak. There are different websites for this. Above all, the page “Have I been Pwned?” Is known. I T expert Troy Hunt. Here you can also check if your password is still secure. Click here to go to the website.
There are also other pages and add-ons for browsers that inform you whether your own data is in danger. Here you will find an overview of useful links . Chrome users can also recently install a corresponding add-on for their browser .
Use secure password
It is also important to use a secure password. What should look best, read here
Be sure to use an individual password for each account. If you can not remember so many passwords, you can put them in a password manager. This way, you only need to remember the password for the password manager. An overview of the best password managers and how to use them can be found here .
- Malware “Emotet”: Authority warns against false Microsoft emails
- Unintentionally sent: Consumer Center reports mysterious Amazon packages
- “Technically obsolete”: Microsoft warns against Internet Explorer
- Data sets with log-in information keep coming up in the network. It was only in January 2018 that I T expert Troy Hunt made a database of 21 million passwords public .