Cyber security news for all

More

    Hackers have sold 40 million user registration data for the popular Wishbone app

    Today, hackers have published information about the 40 million registered users of the popular mobile app- Wishbone; which allows users to compare two elements with a simple vote.

    The data was advertised on several hacker forums and sold at 0.85 bitcoin.

    Based on the vendor ’s statement and the choice of data published on the Internet, Wishbone data includes user information such as user name, email, phone number, city/state / country, and hashed password.

    The hacker claims that the password is in SHA1 format; however, the samples reviewed today by news sources shows the password in MD5.

    Wishbone hack took place earlier this year

    The seller claims that the Wishbone application data was obtained through a hacker attack that occurred earlier this year. The user records and latest login date included in the Wishbone app sample data confirm this statement, and all timestamps are related to January 2020.

    However, it is unclear whether the person who posted all the ads on the hacking forum is a real hacker.

    The person behind the forum announcement is what a security researcher calls a “data broker”. This is a cybercriminal who specializes in buying and selling pirated databases in the name of cybercriminals.

    From the Ads seen online, the threat entity is currently selling databases of dozens of other companies, totaling more than 1.5 billion records.

    wishbone

    We accept emails from users of today’s sample data and check them on the “I ’ve Been To” website; which allows users to check whether their emails were part of the previous hacking attacks.

     

    However, because “I am a private user” allows users to hide their emails from public searches; we also checked these emails on a private platform managed by KELA Threat Intelligence, which also indexed and tracked data leaked in older breaches.

     

    All the accounts included in the general sample today were not in the Wishbone breach in 2017; which proves that these are new accounts, which is a new breach.

    The company said: “Data protection is essential.” “We are investigating this issue and will share any significant progress.”

     

    Recent Articles

    Personnel were asked to removed 89 apps which includes Instagram, Facebook, and others by the Indian Army

    Personnel are told by the Indian Army to delete 89 apps from their phones from July 15. This is in a bid to avoid...

    The warning sent to employees about Tiktok app was a mistake says Amazon

    On Friday morning, Amazon sent out a memo to its employees, asking them to uninstall the popular social media app TikTok off their phone....

    Other Android phones sold in the US contains pre-installed malware

    There’s a discovery of Pre-installed malware on another phone by researchers from Malwarebytes; through the lifeline Assistance program for sale in the United States....

    About 15 billion stolen passwords and usernames sold on the dark web.

    A recent finding has shown that about 15 billion passwords and usernames are distributed on the dark web. This compromise will bring about credential...

    Hundreds of multinational companies aimed by Russian BEC Gang

    According to the security firm Agari, there has been a discovery of a newly uncovered Russia-based business email compromise gang; BEC gang that scams...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox