After the TalkTalk incident when data of over 1.2 million customers was stolen and leaked online; The Mail has reported that 14 other companies are also victims of similar attack. The Mail has also reported in its news item that the stolen data is being sold on “Dark Web” that can be accessed from a specially developed encrypted browser. The Dark Web is used by criminals to sell narcotics, weapons and other criminal elements who are involved in illegal activities including child pornography.
The 14 companies that have been affected by the leak of information include Amazon, Vodafone, Ticketmaster, Sky TV, Visa and Uber and Subway. After further investigation, The Mail discovered that the data of TalkTalk customers that includes their personal details such as names, phone numbers and email addresses as well as their financial information such as the details of their bank accounts and debit and credit cards were available for sale for GBP1.63 on the Dark Web. Police has already arrested three persons in connection with the investigations of the hacking incident of TalkTalk.
Further investigation by the newspaper revealed that the Visa debit card details of the account holders of Halifax is available for GBP10. Also, information related to the customers of Vodafone, Amazon and Sky TV are available for 10 pence. Vodafone recently confirmed that the information of its more than 1800 customers was leaked and it is possible that this information could be a part of the data being sold on the Dark Web.
The information that is being sold on the Dark Web includes login credentials of users of Amazon, Ticketmaster, Subway and Uber. These details are available in bulk for purchase. After the findings of The Mail, Subway asked its customers to change their passwords. Loyalty points of Airmiles, Boots Advantage card and Nectar card are also available for sale. The transactions on this unregulated part of the web takes place in Bitcoins, a cryptocurrency that is held in encrypted wallets and it is impossible to trace the transactions or the buyer and the seller dealing in Bitcoins.
A reporter with The Mail accessed one of the websites on the Dark Web that is quite similar to eBay. The newspaper found a seller with the alias “The Martian” selling details of TalkTalk clients and the advertisement of this seller states he has an access to the credentials of over 200,000 users. The investigation by The Mail also revealed that the advertisement listed by The Martian had 466 views and there were 18 sales. The newspaper bought a sample to check the authenticity of the available details and they were delivered details of several users.
The website also has a listing of Halifax debit card details. A seller named “Sterlingsilver” is selling the details for GBP10. The Mail contacted a customer whose Halifax debit card details and personal information was available and the customer confirmed the authenticity of the details. Similarly a seller named “Stackcash” is selling user ids and passwords of Amazon UK customers.
After the discovery of these breaches of information was reported by The Mail, the National Crime Agency and the police have initiated an investigation into these incidents.
The Lithuanian 000Webhost is one of the most popular free webhosting services and has over 13.5 million users. It ranks among the top search results in Google and is quite popular for its services. However, according to a report from Forbes, the login credentials of these users, that includes their usernames, passwords, email addresses, last […] Continue reading →
In September, researchers at FireEye Labs discovered a group of malicious adware created by a company based in China and Singapore called NGE Mobi/Xinyinhe. On October 7, FireEye detected a similar adware family capable of completely taking over Android based devices. Researchers have named it kemoge after its CnC domain aps.kemoge.net. It is believed that […] Continue reading →
Palo Alto Networks has detected a malware capable of attacking even those non-jailbroken iOS devices. The researchers have named the malware as YiSpecter. It follows unique methods that involves exploiting private APIs in iOS and infecting them. Private APIs are undocumented by Apple and, therefore, avoid being detected. Apple’s App Store has around 100 such […] Continue reading →
St. Louise-based Scottrade Inc. has sent out an email to its clients informing them of a recent cyber -attack that affected their systems. The company has revealed that they were alerted of the breach by FVI agents who have been investigating it since it occurred sometime between late 2013 and early 2014. It was further […] Continue reading →
Recent reports presented by Scott Erven and Mark Collao at Derbycon have revealed that thousands of medical systems are exposed to widespread cyber-attacks. The researchers reported that a giant U.S. medical organization with 12,000 staff and 3,000 physicians has over 68,000 systems that are vulnerable. The researchers indicate that this is just the tip of […] Continue reading →
Gatekeeper is the security feature of Mac OS X that protects users from malicious applications and code execution on their Mac computers. It warns Mac users from installing unsigned apps or the ones downloaded through an unencrypted connection. Gatekeeper does an efficient job of preventing the installation of Trojans and applications with malicious codes. However, […] Continue reading →
On 28th September 2015, a vulnerability was detected in WinRAR SFX v5.21. It is the latest version of WinRAR, a commonly used file compression tool. Attackers can exploit the vulnerability and compromise a computer with WinRAR installed on it. The bug is in the “text and icon function” under the module “Text to display in […] Continue reading →
One of the most malicious attacks that can ever be launched on a website is being flooded with multiple requests that it cannot handle, otherwise known as DDoS’es. According to internet security researchers, this nightmare may have recently become a reality after one site was targeted in such a manner with an aim of overwhelming […] Continue reading →
Two new malwares that affect point of sale (PoS) machines have been detected by the researchers at Trend Micro. The malware have been affecting small and medium sized businesses or SMBs, primarily in the United States. These two malwares have been named Katrina and CenterPoS by their developers. Trend Micro researchers had earlier reported PoS […] Continue reading →