Cyber security news for all

More

    Hackers have sold 40 million user registration data for the popular Wishbone app

    Today, hackers have published information about the 40 million registered users of the popular mobile app- Wishbone; which allows users to compare two elements with a simple vote.

    The data was advertised on several hacker forums and sold at 0.85 bitcoin.

    Based on the vendor ’s statement and the choice of data published on the Internet, Wishbone data includes user information such as user name, email, phone number, city/state / country, and hashed password.

    The hacker claims that the password is in SHA1 format; however, the samples reviewed today by news sources shows the password in MD5.

    Wishbone hack took place earlier this year

    The seller claims that the Wishbone application data was obtained through a hacker attack that occurred earlier this year. The user records and latest login date included in the Wishbone app sample data confirm this statement, and all timestamps are related to January 2020.

    However, it is unclear whether the person who posted all the ads on the hacking forum is a real hacker.

    The person behind the forum announcement is what a security researcher calls a “data broker”. This is a cybercriminal who specializes in buying and selling pirated databases in the name of cybercriminals.

    From the Ads seen online, the threat entity is currently selling databases of dozens of other companies, totaling more than 1.5 billion records.

    wishbone

    We accept emails from users of today’s sample data and check them on the “I ’ve Been To” website; which allows users to check whether their emails were part of the previous hacking attacks.

     

    However, because “I am a private user” allows users to hide their emails from public searches; we also checked these emails on a private platform managed by KELA Threat Intelligence, which also indexed and tracked data leaked in older breaches.

     

    All the accounts included in the general sample today were not in the Wishbone breach in 2017; which proves that these are new accounts, which is a new breach.

    The company said: “Data protection is essential.” “We are investigating this issue and will share any significant progress.”

     

    Recent Articles

    Unclear cyber attacks that target Covid-19 vaccine campaign

    Security researchers have discovered some cyber attacks that are targeted against the delivery of vaccine against COVID. The targeted attacks began in 2 months...

    New malware called Egregor is on the rise

    New malware is on the rise. The Egregor malware has only been in active for 2 months, but it is already becoming apparent that...

    Anyone with a smartphone can become a victim of cyber-mobbing

    Cyber-mobbing is becoming a huge risk in the current COVID crisis. According to a study, almost 20 percent of students in Germany are exposed...

    macOS Trojans: Traces lead to Vietnam

    Security researchers have discovered a new macOS Trojans. Behind this could be a well known hacker group that has spied on Vietnamese dissidents in...

    Court forces Tutanota to perform a surveillance function

    Tutanota email only stores its user mails in encrypted form and cannot read them itself. Tutanota is one of the few email providers that...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox