Hacker ‘Gnosticplayers’ Lists Data of 26 Million Users for Sale in Exchange for Bitcoin Funds
Gnosticplayers is a well-known hacker, and they have collected data from 26 million users, spanning across six companies. Those companies include GameSalad, Estante Virtual, Coubic, Lifebear, Bukalapak, and YouthManual. Now, they have taken to the dark web to sell the content for a profit, aiming to be paid in Bitcoin for the data, according to reports from NewsBTC.
The data varies by the company that it was sourced from. However, for the most part, the data includes email addresses, user names with password hashes, IP addresses, and other settings that depend on the platform. The sale is actually the fourth round of data purchases available, which can be purchased through Dream, a service on the dark net marketplace that came after the seizure of Silk Road by the FBI. It is already the host of several auctions involving Bitcoin.
Of the content, GameSalad accounted for 1.5 million of the users whose data was stolen, and Gnosticplayers is asking for 0.0785 BTC for this specific cache. Within the data, the buyer will have access to passwords hashed with SHA1/SHA256.
The data from Estante Virtual makes up 5.45 million users. The hacker wants 0.2618 BTC to gain access to the names, user names, addresses, SHA1 passwords, phone numbers, and emails of the users.
There are 1.5 million accounts that come from Coubic, which the hacker wants 0.157 BTC to purchase. This cache data includes names, emails, and SHA256 passwords.
LifeBear accounts for 3.86 million users. Priced at 0.157 BTC, the buyer would gain the user’s emails, passwords hashed with MD5, user dates, and related application data.
The largest portion of the data comes from Bukalapak with 13 million users’ data compromised. This purchase requires a payment of 0.3407 BTC, for which the buyer will have access to names, user names, emails, passwords, IP addresses, and other application data.
YouthManual.com had the data of 1.12 million users stolen, which the hacker only wants 0.144 BTC to buy it. The buyer would get emails, names, passwords, and additional background information.
Apparently, the hacker had decided that the security standards of these companies are not the level it should be, which is the reason for the sale. According to a report from ZDNet, the hacker said that “no one is learning” from the mistakes that other companies with poor security have made. The hacker blames the actions on becoming “angry” over the lack of security. Gnosticplayers added that there is still plenty of data that has yet to be published, and some of the companies have already come to an understanding with the hacker, preventing the sales.
This is hardly the first time that Gnosticplayers have sold this type of data. In fact, this is the fourth instance in only two months. Previous rounds have resulted in the sale of data involving 700 million users collectively, using YouNow and Gfycat.