- Joined
- Jun 13, 2020
- Messages
- 6,377
- Reaction score
- 890
- Points
- 212
- Awards
- 2
Databases contained information on billions of users that leaked as a result of hacks by other companies.
A cybercriminal using the pseudonym NightLion, reported hacking the internal servers of the American information security company Night Lion Security. The hacker allegedly stole information from the Data Liper DataViper service, owned by Night Lion Security. The stolen information includes more than 8,225 databases containing records of billions of users that leaked as a result of hacks by other companies, ZDNet reported.
Data leak detection services are a common type of service offered by cybersecurity firms. IB companies scan darknet, hacking forums, data exchange sites and other places for information about companies whose data are on the Web. They collect “hacked databases” in private backends, allowing customers to search and track new data leaks.
The hacker sent an e-mail to several news outlets with a link to the portal on the darknet. The site has an electronic journal (e-zine), which details the cyber attack on the internal DataViper servers. According to the attacker, he had access to the DataViper servers for three months, filtering the database.
The hacker published on the portal a complete list of 8,225 databases indexed in DataViper, a list of 482 downloadable JSON files containing sample data from DataViper servers, and proof that he had access to the DataViper backend. A cybercriminal placed an ad on the Empire’s underground trading floor for the sale of the 50 largest databases found in the DataViper backend.
The founder of Night Lion Security, Vinny Troia, confirmed to ZDNet that the hacker had access to one of the DataViper servers, but the server is supposedly just a test copy. The expert believes that the attacker is selling his own databases, and not information stolen from the server, since this data has been in the public domain for many years or was obtained from other cybercriminals.
According to Troy, the hacker is associated with several cybercriminal groups, such as TheDarkOverlord, ShinyHunters and GnosticPlayers. According to the expert, by his actions the criminal intended to damage his reputation before he speaks at the SecureWorld security conference.
A cybercriminal using the pseudonym NightLion, reported hacking the internal servers of the American information security company Night Lion Security. The hacker allegedly stole information from the Data Liper DataViper service, owned by Night Lion Security. The stolen information includes more than 8,225 databases containing records of billions of users that leaked as a result of hacks by other companies, ZDNet reported.
Data leak detection services are a common type of service offered by cybersecurity firms. IB companies scan darknet, hacking forums, data exchange sites and other places for information about companies whose data are on the Web. They collect “hacked databases” in private backends, allowing customers to search and track new data leaks.
The hacker sent an e-mail to several news outlets with a link to the portal on the darknet. The site has an electronic journal (e-zine), which details the cyber attack on the internal DataViper servers. According to the attacker, he had access to the DataViper servers for three months, filtering the database.
The hacker published on the portal a complete list of 8,225 databases indexed in DataViper, a list of 482 downloadable JSON files containing sample data from DataViper servers, and proof that he had access to the DataViper backend. A cybercriminal placed an ad on the Empire’s underground trading floor for the sale of the 50 largest databases found in the DataViper backend.
The founder of Night Lion Security, Vinny Troia, confirmed to ZDNet that the hacker had access to one of the DataViper servers, but the server is supposedly just a test copy. The expert believes that the attacker is selling his own databases, and not information stolen from the server, since this data has been in the public domain for many years or was obtained from other cybercriminals.
According to Troy, the hacker is associated with several cybercriminal groups, such as TheDarkOverlord, ShinyHunters and GnosticPlayers. According to the expert, by his actions the criminal intended to damage his reputation before he speaks at the SecureWorld security conference.