The hacker said that he put up the data for sale mainly because these companies had failed to protect passwords with strong encryption algorithms like bcrypt. Most of the hashed passwords the hacker put up for sale today can cracked with various levels of difficulty --but they can be cracked. "I got upset because I feel no one is learning," the hacker told ZDNet in an online chat earlier today. "I just felt upset at this particular moment, because seeing this lack of security in 2019 is making me angry." In a conversation with ZDNet last month, the hacker told us he wanted to hack and put up for sale more than one billion records and then retire and disappear with the money. But in a conversation today, the hacker says this is not his target anymore, as he learned that other hackers have already achieved the same goal before him. Gnosticplayers also revealed that not all the data he obtained from hacked companies had been put up for sale. Some companies gave into extortion demands and paid fees so breaches would remain private. "I came to an agreement with some companies, but the concerned startups won't see their data for sale," he said. "I did it that's why I can't publish the rest of my databases or even name them."
There are currently no families associated with this actor.
|2019-04-15 ⋅ ZDNet ⋅ |
A hacker has dumped nearly one billion user records over the past two months
|2019-03-17 ⋅ ZDNet ⋅ |
Round 4: Hacker returns and puts 26Mil user records for sale on the Dark Web
|2019-02-17 ⋅ ZDNet ⋅ |
Hacker puts up for sale third round of hacked databases on the Dark Web
|2019-02-14 ⋅ ZDNet ⋅ |
127 million user records from 8 companies put up for sale on the dark web
|2019-02-11 ⋅ The Register ⋅ |
620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts