Wanelo Data Breach Revealed. They perpetrated a data loss at the Digital mall Wanelo roughly in December 2018. Further, traded to the dark network.
They perpetrated a data loss at the Digital mall Wanelo roughly in December 2018. Later on, they traded the data and a host of other data leaks on a dark network auction. In addition to passwords stored as bcrypt-hash either MD5, they used 23 million unique email addresses in the hack. A source asking that “JimScott.Sec@protonmail sent the details.com” credited to HIBP.
Hacker speaks out
A hacker who in February talked with ZDNet about having to sell more than a billion users’ data is getting dangerously close to his target. Following a further 65.5 million records posted last week and approaching 932 million records in all.
The hacker’s name is Gnosticplayers and blamed for the attacks of 44 firms, including the Digital Mall Wanelo.
Hackers have been selling illicit goods such as weapons, narcotics, and hacking instruments since the middle of February, batching hacked data on Dream Market.
Data from firms such as 500px, UnderArmor, ShareThis, GfyCat and MyHeritage have been made public only to name the biggest titles. There are four-stage launches. Round 1 with 620 million user records, round 2 with 127 million user records, round 3 with 93 million user records, and round 4 (26.5 million user records).
The hack attacks again
The hacker reported ZDNet last week about its new update. Round 5 – of 65,5 million users, believed by the hacker to have taken from six firms: the Mindjolt Gaming site, the Wanelo digital mall, the Evite e-invitations platform, and the RSVP, the South Korean travel firm Yanolja, the female Mode Operandi, and Apple iCracked repair center. Hacker reported the latest upload.
While ZDNet has contacted every named organization for feedback, several of the previous 38 hackers’ victims have reported breaches, so this latest batch of stolen data is also likely to be genuine.
Quest for more
However, though many assume that the hacker sells all this knowledge for egoistic, apparent monetary purposes, the actions of gnosticplayers are greater than most people know.
The hacker was very candid in an interview with ZDNet in February following the announcement of Round 3 about his abrupt public presence.
Hackers such as Gnosticplayers belong to small underground hacker and data hocker groups. They hack enterprises, loot and sell their data to vetted associates.
This data filtered in different groups and structured. They sell the email addresses compromised to botnets for spam. They market financial data to internet theft or tax fraud groups. Botnet operators expert in credentials filling attacks offer user names and broken passwords.
This is a successful enterprise and many of the hackers don’t have to sell their knowledge of stock markets like Dream Market.
Hackers are real
The hacker told us in February that it’s about credibility. Hackers such as Peace of Mind (or Peace) today wish to return to gnosticplayers.
Throughout the 2016 edition, Harmony has earned worldwide headlines by selling over 800 million consumer records. On the vanquished RealDeal website and elsewhere. They well knew him for selling LinkedIn (167 million). MySpace (360 million), Tumblr (68 million) and VK.com (100 million), Twitter (71 million).
They actually make the data Peace sold in 2016. Peace’s initial leaks made threats so risky today with credentials stuffing. His early leaks have been pushing credential reinforcement botnets in recent years.