Gootkit Banking Trojan Databases Leak Sensitive Details of 2 Million Users
CYBER NEWS


To our great concern, the services we use every day are often caught up in data breaches and data leaks in which our personal data is exposed to cybercriminals. Banks, airlines, hotels, various organizations put our information at risk in databases that are left unsecured.

What happens when one of the most advanced banking Trojans discovered in the wild has its databases exposed? Well, we are about to find out. Apparently, Bob Diachenko, a cybersecurity researcher, came across two open and publicly accessible MongoDB instances that appear to be part of the Gootkit network.




More about the Gootkit Banking Trojan

Last year, the Gootkit operators found a way to exploit Mailchimp in spam campaigns to distribute the malicious banking Trojan. The attackers were continuously hacking into Mailchimp's network to send fake invoices and emails ridden with malware. This is an example of a Gootkit malicious operation in action.

Generally, the Trojan has targeted a lot of networks located across Europe, including banks found in France, Switzerland and Austria. What's particularly dangerous is that the malware can also be set against cryptocurrency services. In addition, two databases that are used by the hacking collective behind the malware have been leaked.

A security analysis of their structure and a content extraction have revealed further details about the stored information. The experts reveal that the criminal collective behind the threat is actively pulling data from three botnets totaling about 38,563 compromised hosts.


According to the security analysis, the following sensitive details have been compromised:

  • A total of 1,444,375 email accounts;
  • A total of 752,645 usernames;
  • 2,196,840 passwords and configuration pairs coming from online shops, emails, banking applications, streaming and a variety of online services, as well as internal network passwords.

It is yet to be determined whether the Gootkit cybercriminals forgot to set a password, or if a firewall blocking access to the servers went down. But it’s a fact that something went completely wrong as the two servers were exposed and indexed by several IoT search engines.

What can happen with the user data exposed in the leaky Gootkit databases?

It is noteworthy that botnets such as Emotet and TrickBot have been dealing with something called "install space". This means that the botnet operators were renting out access to infected computers to other hacker collectives. These cybercriminal groups can then use the provided access to drop additional malware on the infected hosts. It appears that so far Gootkit operators haven't sold install space to other groups.

However, the large number of infected hosts in the exposed databases combined with the large amount of sensitive user details could enable the criminals to do so in the future, cybersecurity researchers say.


Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys "Mr. Robot" and fears "1984". Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!
