Billions of Passwords Offered for $2 in Cyber-Underground

February 8, 2021

A post on the English-language cybercriminal forum RaidForums has leaked about 3.27 billion stolen user credentials comprising cleartext email addresses and passwords, Threatpost reports. The post was made by user Singularity0x01 and was titled “Compilation of Many Breaches (COMB) 3.8Billion (Public),” according to Digital Shadows cyberthreat intelligence analyst Ivan Righi. Dustin Warren, a researcher at SpyCloud, said that a check of the data revealed most of it had already been accessible on the Dark Web for some time, and appears to include parts of information leaked in previous collections from 2016 and 2019, with some modifications for ease of use. However, threat actors may still use those old credentials to mount brute-force or credential-stuffing attacks, Warren notes. The leak was not received positively because of its poor quality and corruption of some files, and Singularity0x01 took a negative hit in popularity before being banned from the forums for “leaking hidden content,” Righi reports.

Jill Aitoro

Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.

United States Department of the Treasury seal

Identity

BeyondTrust breach hits US Treasury Department

SC StaffDecember 31, 2024

The U.S. Treasury Department was confirmed to have its computers and documents compromised by Chinese state-backed advanced persistent threat hackers in an attack targeted at its BeyondTrust Remote Support software-as-a-service instance just over a week after the BeyondTrust breach was initially reported, reports BleepingComputer.

China Flag Made of Binary Code and Chinese Symbols on Red Backgr

Critical Infrastructure Security

Another US telco breached by Salt Typhoon as AT&T, Verizon acknowledge compromise

SC StaffDecember 30, 2024

Nine U.S. telecommunications firms were confirmed by U.S. officials to have been compromised by Chinese state-backed threat group Salt Typhoon as part of its sweeping cyberespionage operation, with the newly-added unnamed entity's networks breached to facilitate geolocating activities for millions of individuals, Reuters reports.

Russia flag is depicted on the screen with the program code. The concept of modern technology and site development.

Critical Infrastructure Security

Italian websites subjected to pro-Russian DDoS attack campaign

SC StaffDecember 30, 2024

Security Affairs reports that numerous Italian websites — including those of the country's Ministry of Foreign Affairs, the Turin Transport Group, and the Linate and Malpensa airports — have been compromised as part of a distributed denial-of-service attack by pro-Russian hacktivist operation NoName057, which noted the intrusions to have been launched in retaliation of "Italian Russophobes."

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news