by Fyodor Yarochkin (Senior Threat Researcher) – We uncovered personally identifiable information (PII) stolen from a China-based hotel chain being sold on a deep web forum we were monitoring.
Further analysis revealed that the stolen data was not only the PII of Chinese customers, but also included the hotel chain’s customers from Western and East Asian countries. The sample data we saw was unencrypted (in plaintext), some of which were in CSV, SQL, and TXT dumps.
We believe this stolen data is related to the data breach (reported on August 29) that exposed up to 130 million PII. The news that reported the data breach matched with an advertisement we saw in the dark web selling the stolen data for eight bitcoins (equivalent to more than US$58,000 as of September 5, 2018)…
Kommentare und FragenMöchtest Du zu diesem Artikel ein Kommentar abgeben oder hast dazu eine Frage, dann mach dies bitte immer auf der Herausgeberseite!
Aktuelles von TrendLabs Malware Blog
- October Patch Tuesday: Microsoft Repairs JET Database Engine Bug, Win32K EoP Zero-Day
- Phishing Campaign uses Hijacked Emails to Deliver URSNIF by Replying to Ongoing Threads
- New CVE-2018-8373 Exploit Spotted
- Viro Botnet Ransomware Breaks Through
- September Patch Tuesday: Windows Fixes ALPC Elevation of Privilege, Remote Code Execution Vulnerabilities
- A Closer Look at the Locky Poser, PyLocky Ransomware
- Stolen Data from Chinese Hotel Chain and Other Illicit Products Sold in Deep Web Forum
- The Urpage Connection to Bahamut, Confucius and Patchwork
- IQY and PowerShell Abused by Spam Campaign to Infect Users in Japan with BEBLOH and URSNIF
- Supply Chain Attack Operation Red Signature Targets South Korean Organizations
Diese Information erscheint unabhängig vom Artikel!