1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Top online marketplace leak sees thousands of user accounts expos

    From TechnologyDaily@1337:1/100 to All on Thu Apr 6 11:30:03 2023
    Top online marketplace leak sees thousands of user accounts exposed

    Date:
    Thu, 06 Apr 2023 10:24:07 +0000

    Description:
    Chinese marketplace leaks hundreds of thousands of records, including
    people's passports

    FULL STORY ======================================================================

    A Chinese online marketplace apparently unknowingly leaked hundreds of thousands of highly sensitive customer records which could have easily been used for identity fraud and other forms of cybercrime, a new report has claimed.

    Researcher Jeremiah Fowler found a shady marketplace called Z2U keeping an unlocked database on a cloud server hosting roughly 600,000 records.

    While Z2U advertises itself as a reliable trade environment for gamers,
    Fowler discovered many items on sale which could easily be classified as illegal, including Facebook and Instagram accounts, access to HBO, Netflix, Disney+ and other streaming services, Windows license keys, malware, viruses, and more, were all available for purchase. Sensitive information

    To register on the site, a user must pass KYC (Know Your Customer) verification and must provide an unaltered image of an identity document,
    such as an ID card, or passport.

    However this information, including photographs of users holding their identity documents, was sitting in the unprotected database Fowler
    discovered.

    Furthermore, the database held records showing bank transaction payments that included IBAN numbers, user logins, emails, account passwords, order confirmations with the buyers names, emails, purchase details, and more. Read more

    China is finally loosening some rules on VPN services


    Russia is spending big on VPN


    These are the best firewalls right now

    The database was hosted on a server located in China, Fowler further explained, saying he saw a large number of documents and file names in Chinese.

    There could be significant intellectual property implications of selling accounts, license keys, and access to games, services and licensed software applications, he says.

    Many of the account login email addresses he was for sale used Russian email accounts, too. It is well known in the security community that Russia and China are among the most active locations for cybercrime and both countries have a reputation of being deeply engaged in dark web or malicious activity online.

    A week after discovering the database and notifying Z2U, the company locked the database, and Fowler did not mention finding any evidence of the data actually being used in the wild - however users should still act with
    caution. Here are the best malware removal tools at the moment



    ======================================================================
    Link to news story: https://www.techradar.com/news/top-online-marketplace-leak-sees-thousands-of-u ser-accounts-exposed


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)