InfoSecBulletin Cybersecurity for mankind
Hacker drop massive WhatsApp user dataset to sell in popular breach forum. The dataset includes over 3TB of data; millions of phone numbers and logins to WhatsApp accounts for free.
Cybernews researchers confirmed that it contains multiple files listing phone numbers by location. Approximately 10 million Russian and 4 million Israeli phone numbers were exposed.
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Critical Cisco ISE Vulnerability Enables Remote Code Execution
F5 Patches NGINX Flaw for Code Execution and DoS Attacks
FortiBleed: 70,000 Fortinet Firewalls Compromised Globally
Researchers said, it may include more files in the dataset. However, these files were protected by a password. The dropped file includes WhatsApp account logins which may lead to account takeover.
Over 3TB of data leaked, but where is it coming from?
The Cybernews research team said, “Typically, the kind of data present in the forum post would be collected through social engineering attacks,”.
Additionally, Last year, University of Vienna and SBA Researcher discovered a WhatsApp vulnerability which enables the extraction of more than 100 million phone numbers per hour. Although WhatsApp chat is end to end encrypted but still it can be extracted, the research finds.
“The user clicks on a link or scans a malicious QR code, fills out their info, and the info gets sent to the attacker, plain and simple. Also, such data could be collected with infostealers.”
The legitimacy of the dataset are still be verified but if true, it may pose significant security risks to WhatsApp users.
The hacker is hanging up their keyboard
On the post note, the threat actor said, they’re quitting cybercrime. Generally cyber criminal post such data and demand ransom but the case is different.
“I also wanted to say goodbye, as this is my last message. As you may have noticed, my activity on these forums has decreased significantly lately, as I’ve decided to refocus on my personal life and true priorities,” the hacker wrote.
“I’ve greatly enjoyed the discussions and the time spent here, but it’s time for me to move on,” they added.
