A threat actor is selling a database on a well-known hacker forum, which they claim contains public and private data, including phone numbers and email addresses, of over 400 million Twitter users. The data was allegedly scraped via a now-patched API vulnerability. The seller is asking $200,000 for the database.

As proof of their claims the seller provided a sample of 1,000 Twitter accounts allegedly belonging to celebrities, politicians, journalists, corporations, and government agencies, including Donald Trump JR, Brian Krebs, and others.

According to researches, the leaked samples appear to be legitimate, however, at this point it’s not possible to verify that there are indeed 400 million users in the database. It appears that the data was scraped using an API bug previously linked to the August data breach that affected 5.4 million Twitter users.

China’s ByteDance admits TikTok employees accessed data of users

China-based ByteDance, the owner of Tik Tok social media platform, has admitted that its employees inappropriately accessed TikTok data of some US journalists in an attempt to identify the source of leaks to the media.

The revelation comes following an internal investigation at the company launched after a Forbes report alleging that the company planned to use the TikTok app to track certain US users’ locations. ByteDance’s investigation revealed that several employees based in the US and China obtained IP addresses and other personal data from two reporters and an unspecified number of US users they contacted in order to determine whether they were in the same location as ByteDance employees suspected of leaking confidential information. However, this plan was unsuccessful, partly because the IP addresses only revealed approximate location data.

According to ByteDance, all employees involved in the operation were fired.

BitKeep users lost $8 million in assets in a hack

Multiple users of multi-chain Web3 DeFi crypto wallet BitKeep had their funds stolen from their wallets over the weekend. The incident appears to have impacted users who downloaded an unofficial version of the BitKeep app infected with malicious code.

Blockchain analytics provider OKLink said that the threat actor set up several fake Bitkeep websites containing an APK file that looked like version 7.2.9 of the BitKeep wallet, which, when downloaded, sent users’ private keys or seed words to the attacker.

While BitKeep did not share how many users were affected or how much money have been stolen in the attack, a blockchain security company PeckShield reported that around $8 million worth of assets have been stolen so far, including ~4373 $BNB, 5.4M $USDT, 196k $DAI, and 1233.21 $ETH.

BTC.com discloses a $3M cyber-attack

Major cryptocurrency mining pool BTC.com said it has been hit with a cyber-attack, in which threat actors stole $700,000 in customer crypto assets and $2.3 million in the company’s assets.

The security incident took place on December 3, 2022, according to a statement from BTC.com’s parent firm, BIT Mining Limited. The company said that some of the stolen assets have already been recovered, and that its client fund services were not impacted.

Crypto trader behind $110M Mango Markets exploit arrested in Puerto Rico

US authorities arrested a cryptocurrency investor accused of attempting to exploit the decentralized finance platform Mango Markets and steal $110 million. The suspect, Avraham Eisenberg, was arrested in Puerto Rico and charged with commodities fraud and commodities manipulation. Eisenberg has become the first US resident to face charges over a DeFi platform attack.

The defendant allegedly used two Mango Market accounts he controlled to steal approximately $110 million by artificially inflating the price of Mango perpetual swaps (perpetual futures or perps, a type of futures contract on the Mango Markets platform), and then borrowing and withdrawing almost all of the crypto deposits from the DeFi platform. Eisenberg later returned $67 million to Mango Markets.

What’s next:

Follow ImmuniWeb on Twitter and LinkedIn
Explore 20 use cases how ImmuniWeb can help
Browse open positions to join our great Team
See the benefits of our partner program
Request a demo, quote or special price
Subscribe to our newsletter

Application Security Weekly

Application Security Weekly is a weekly review of the most important news and events in cybersecurity, privacy and compliance. We cover innovative cyber defense technologies, new hacking techniques, data breaches and evolving cyber law.

Recent Blog Posts:

Microsoft Fined €60 Million Over Advertising Cookies

US Authorities Have Seized 48 Domains That Sold DDoS-for-Hire Services