361 million stolen accounts leaked on Telegram added to HIBP

A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check if their accounts have been compromised.
Cybersecurity researchers collected these credentials from numerous Telegram cybercrime channels, where the stolen data is commonly leaked to the channel's users to build reputation and subscribers.
The stolen data is usually leaked as username and password combinations, username and passwords along with a URL associated with them, and raw cookies.
The researchers, who asked BleepingComputer to remain anonymous, shared 122 GB of credentials with Troy Hunt, the owner of Have I Been Pwned, collected from many Telegram channels.
According to Hunt, this data is massive, containing 361 million unique email addresses, with 151 million never previously seen by the data breach notification service.
With a dataset this large, it is impossible to verify that all of the leaked credentials are legitimate.
Hunt said that he utilized sites' password reset forms to confirm that many leaked email addresses are correctly associated with the website listed in the stolen credentials.
Hunt could not confirm the password, as that would require him to log into the account, which would be illegal.
With a dataset this large, no site that allows logins is unaffected by these leaked credentials, including BleepingComputer.
Last week, the same researchers shared with BleepingComputer a list of credentials stolen by information-stealing malware associated with the BleepingComputer forums.
Information-stealing malware is an infection that steals passwords, cookies, browser history, cryptocurrency wallets, and other data from an infected device.
BleepingComputer is currently analyzing the data and removing duplicates so we can proactively reset impacted members' passwords and warn them that they were infected at some point with information-stealing malware.
Users who are infected with information-stealing malware will now have to reset every password on every account that was saved in their browser's password manager, and any other site using the same credentials.
Stolen credentials are usually not shared with a timestamp to indicate when they are stolen.
Impacted users must consider that all of their credentials have been compromised.
BleepingComputer is commonly contacted by people who tell us that their accounts continuously get hacked, even when they change the password over and over.
The user can now gain some closure, knowing that they were not crazy, but that the malicious activity is likely attributed to their credentials previously being stolen and threat actors abusing them for their own amusement or malicious activity.
Information-stealing malware has become a scourge of cybersecurity, used by threat actors to conduct massive attacks, such as ransomware and data theft attacks.
Some well known attacks caused by credentials being stolen by information stealing malware, including attacks on the Costa Rican government, Microsoft, CircleCi, and an account at Orange Spain RIPE that led to a intentional BGP misconfiguration.
More recently threat actors stole data from Snowflake databases using what is believed to be compromised credentials stolen using information-stealing malware.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 26 Jun 2024 19:14:03 +0000


Cyber News related to 361 million stolen accounts leaked on Telegram added to HIBP

361 million stolen accounts leaked on Telegram added to HIBP - A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check ...
5 months ago Bleepingcomputer.com
70 million account credentials were leaked in a massive password dump - A security researcher has unearthed what appears to be one of the biggest password dumps ever. Over 70 million unique credentials have been leaked on the dark web. ADVERTISEMENT. The news came to light when Troy Hunt, the owner of the popular breach ...
11 months ago Ghacks.net
Have I Been Pwned adds 71 million emails from Naz.API stolen account list - Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to its data breach notification service. The Naz.API dataset is a massive collection of 1 billion credentials compiled using ...
11 months ago Bleepingcomputer.com
Alleged ShinyHunters Hacker Pleads Not Guilty After US Extradition - The ShinyHunters group is known for some of the largest data breaches in 2021-2022, in which the personal data of hundreds of millions of users was leaked on the now-seized Raidforums. In July 2022, HackRead.com reported on Sebastian Raoult, an ...
1 year ago Hackread.com
23andMe confirms nearly 7 million customers affected in data leak - Nearly 7 million 23andMe customers had their profile data leaked in a cybersecurity incident in October, a company spokesperson confirmed to SC Media on Monday. The vast majority of the leaked data was scraped from the site's DNA Relatives feature ...
1 year ago Packetstormsecurity.com
Telegram is a Wide-Open Marketplace for Phishing Tools - The encrypted messaging app Telegram has become a veritable marketplace for bad actors who want to launch effective phishing campaigns on the cheap, essentially democratizing the cyberthreat, according to researchers at cybersecurity firm Guardio. ...
10 months ago Securityboulevard.com
Hacker leaks millions of new 23andMe genetic data profiles - A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe ...
1 year ago Bleepingcomputer.com
Telegram Emerges as Hub for Cybercrime, Phishing Attacks as Cheap as $230 - Cybersecurity experts raise alarms as Telegram becomes a hotspot for cybercrime, fueling the rise of phishing attacks. In a recent development, cybersecurity researchers shed light on the democratization of the phishing landscape, courtesy of ...
10 months ago Cysecurity.news
GTA 5 source code reportedly leaked online a year after RockStar hack - The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar games and stole corporate data. Links to download the source code were shared on numerous channels, ...
11 months ago Bleepingcomputer.com
The Post Millennial hack leaked data impacting 26 million people - Have I Been Pwned has added the information for 26,818,266 people whose data was leaked in a recent hack of The Post Millennial conservative news website. The Post Millennial is a conservative Canadian online news magazine belonging to the Human ...
7 months ago Bleepingcomputer.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
2 months ago Securelist.com
Telegram revealed it shared U.S. user data with law enforcement - Independent website 404 Media first revealed that in 2024 Telegram has fulfilled more than a dozen law enforcement data requests from the U.S. authorities. At the end of September, Telegram updated its privacy policy informing users that it will ...
2 months ago Securityaffairs.com
Digital Battlefield: Syrian Threat Group's Sinister SilverRAT Emerges - Cyfirma claims that the developers maintain a sophisticated and active presence on multiple hacker forums and social media platforms, as outlined by the cybersecurity company. Besides operating a Telegram channel offering leaked databases, carding ...
11 months ago Cysecurity.news
Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware - Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. BleepingComputer has learned there is more to this attack, with threat actors ...
9 months ago Bleepingcomputer.com
Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets - Infostealers infect computers, steal all of the credentials saved in the browser along with active session cookies and other data, then export it back to command and control infrastructure before, in some cases, self-terminating. This article will ...
11 months ago Bleepingcomputer.com
ID Theft Service Resold Access to USInfoSearch Data - One of the cybercrime underground's more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned. Since at least ...
1 year ago Krebsonsecurity.com
Fake and Stolen X Gold Accounts Flood Dark Web - A surge of fake or stolen X Gold accounts has been flooding marketplaces and forums both on the surface web and the dark web over the past year, according to CloudSEK. Threat actors have used multiple techniques to forge or steal X Gold accounts ...
11 months ago Infosecurity-magazine.com
CyberCrime & Doing Time: Identification Documents: an Obsolete Fraud Countermeasure - When I'm talking to bankers and other fraud fighters, I often mention how easy it is for a criminal to obtain a Drivers License bearing any information they desire. In the new case, Brianna Mills, a 28-year old bank teller in Loganville, Georgia ...
10 months ago Garwarner.blogspot.com
BidenCash darkweb market gives 1.9 million credit cards for free - The BidenCash stolen credit card marketplace is giving away 1.9 million credit cards for free via its store to promote itself among cybercriminals. BidenCash launched in early 2022 as a new marketplace on both the dark web and the clearnet, selling ...
1 year ago Bleepingcomputer.com
LastPass breach linked to theft of $4.4 million in crypto - Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents. The news comes ...
1 year ago Bleepingcomputer.com
Massive 'New' Leaked Credentials List: Naz.API Pwns Troy - Almost 71 million sets of unique credentials have leaked, via an unnamed firm's bug bounty program. Nicknamed Naz.API, the leak is making waves. The site's majordomo, Troy Hunt, sounds astounded. Credential stuffing lists are collections of login ...
11 months ago Securityboulevard.com
CISA Warns of Compromised Microsoft Accounts - CISA issued a fresh CISA emergency directive in early April instructing U.S. federal agencies to mitigate risks stemming from the breach of numerous Microsoft corporate email accounts by the Russian APT29 hacking group. The directive is known as ...
8 months ago Securityboulevard.com
Misconfigured Firebase Instances Expose 125 Million User Records - Hundreds of websites misconfigured Google Firebase, leaking more than 125 million user records, including plaintext passwords, security researchers warn. It all started with the hacking of Chattr, the AI hiring system that serves multiple ...
9 months ago Securityweek.com
Ticketmaster confirms massive breach after stolen data for sale online - Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. While the breach has allegedly exposed the data of over 560 million ...
6 months ago Bleepingcomputer.com
Romance Scammers are Adopting Approval Phishing Tactics - Romance scams are labor-intensive and time-consuming schemes to run. They can be lucrative, pulling in millions in stolen cryptocurrency, but they also can end up going nowhere if the targeted victim becomes suspicious or the bad actor decides there ...
1 year ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)