Dating Site Breached: 20M Credentials Stolen

Share Button

A hacker calling himself “Mastermind” is claiming to be in possession of over 20 million credentials for an unnamed dating site. These credentials are claimed to be 100% valid in a posting to a paste site. Included in the list are over 7 million credentials from Hotmail, 2.5 million from Yahoo and 2.2 million from Gmail.com.

The list appears to be international in nature with hundreds of domains listed from all over the world. Hackers and fraudsters are likely to leverage stolen credentials to commit fraud not on the original hacked site, but to use them to exploit password re-use to automatically scan and compromise other sites including banking, travel and email providers.

A couple of weeks ago we anticipated that criminals will increase spear phishing activity and this incident is an early indication that they are moving in that direction, as the first step is acquiring email databases with a relevant motive.

 

Related Posts

Video Blog: Malicious Browser Extension Cyber fraud is always evolving, and criminals are always looking for new ways to monetize vulnerabilities in online systems. The latest trendy target: Browser Extensions. Watch this brief video to learn more about a malicious extension called "Colombian Weather Live" that recently appeared in official app stores.    

For more information and a brief code analysis of this malicious extension, click here.

Ominous “Live Weather” Browser Extension Manipulates Users’ Browsing The “Colombia Weather Live” extension appeared on multiple browsers, including Google Chrome and Mozilla Firefox, and was downloaded by more than 10,000 users. In the video, we talked about the main actions of the attack

Leave a Reply

Your email address will not be published. Required fields are marked *