Home News Over 200 Mn Records of Chinese Citizens on Darknet Sale

Over 200 Mn Records of Chinese Citizens on Darknet Sale

During their routine dark web monitoring activity, Cyble’s researchers found threat actors selling more than 200 million records of Chinese citizens on darknet forums.

SHARE
Dark Web

Researchers from security firm Cyble stated they discovered threat actors selling more than 200 million records of Chinese Citizens on darknet forums. In a security release, the researchers stated that they found a massive amount of personal information related to the people of Gongan County (a southern Hubei province), multimedia messaging service provider Weibo, and a web portal QQ as shared by the hackers in their various ads on the dark web.

Value of the Stolen Data

Cybercriminals shared a sample data of 999 household registrations of Chinese citizens from Gongan County as proof of their act. Other findings include:

  • The exposed sample data included user IDs, names, gender, birth dates, contact details, residential addresses, and code numbers of 7.3 million citizens.
  • Attackers sold over 41.8 million records of Weibo user IDs and their mobile numbers on a Russian-speaking darknet forum.
  • Personal details of 192 million QQ users were also advertised on the dark web.

Preventive Measures

Researchers from Cyble recommended certain preventive measures to avoid data leaks. These include:

  • Never click on unverified/unidentified links
  • Never open untrusted email attachments
  • Only download media from trusted sites
  • Never use unfamiliar USBs
  • Use security software and keep it updated
  • Backup your data periodically
  • Keep passwords unique and unpredictable
  • Keep software and systems up to date
  • Train employees on Cybersecurity
  • Set up a firewall for your internet
  • Take a Cybersecurity assessment
  • Update passwords regularly

What Happens to the Stolen Data?

Cybercriminals mostly misuse the compromised data for their criminal activities such as trading it on the dark web, making fraudulent purchases online, or compromising other accounts via credential stuffing attacks. Attackers focus more on pilfering financial data like credit and debit card details, bank account numbers, and login credentials. To read the full story click here…