Researchers from security firm Cyble discovered a hacker group selling Wishbone.io database on darknet forums. The leaked database contained over 40 million records of Wishbone users–a social platform that allows users to compare social content via voting poll.
According to the researchers the hacker group listed the database for free download on several dark web forums. The exposed database contains users’ personal data including, email addresses, names, usernames, phone numbers, geographic locations, genders, social media profiles, hashed MD5 passwords, Facebook and Twitter access tokens, gender, date of birth, and profile images, etc. The researchers also stressed that the exposed data could be used for several kinds of malicious activities including launching phishing campaigns, identity thefts, account takeovers, and credential stuffing attacks.
Multiple Hackers Involvement
BleepingComputer reported that it was aware of hackers selling the Wishbone database through private deals in various darknet forums. It stated that a different seller advertised the sale of the Wishbone database on a hacker forum at $8,000. It was found that the infamous hacker group “Shiny Hunters” leaked the entire database and kept for free on the same hacker forum. Experts have suggested Wishbone users to change their passwords and be vigilant of their accounts.
Mark Bower, senior vice president at data security specialists comforte AG, said, “It looks like security and privacy have been an afterthought, not a matter of culture and software development process. If the passwords are hashed with MD5, then the users affected should be immediately making sure their ID’s and passwords aren’t used elsewhere with the same password. MD5 is a goner as far as security is concerned but used by mistaken developers unfamiliar with its security risks, or using older code libraries using MD5. Hashed MD5 passwords aren’t difficult to brute force. The bigger issue here is the personal data though – so now attackers have a bunch more data for social engineering.”
Shiny Hunters Flood the Darknet with Leaked Databases
Shiny Hunters have been responsible for numerous data breaches including the breach of 73.2 million user records from over 11 companies. The hackers are also behind the Tokopedia data breach, in which 91 million user records were compromised and kept on sale on the hacking forums for $5,000. Later, the group breached India-based online learning platform Unacademy, which exposed details of 22 million users and kept the records for sale on the darknet forums for $2,000.