Total Tests:
Blog Filters reset x
By Incident
By Jurisdiction
Show More

Cybersecurity
Compliance

Cybersecurity
Legal Advisory
Learn More

RaidForums Member Data Leaks Online

Read also: Jimbos Protocol hacked for $7.5M, nearly 9 million dental patients impacted in a ransomware attack, and more.


Thursday, June 1, 2023
Views: 7.7k Read Time: 2 min.

RaidForums Member Data Leaks Online

Registration info of nearly 500K RaidForums users leaked on a new hacker forum

Registration information of more than 480,000 members of RaidForums cybercriminal forum has been leaked on ‘Exposed,’ a new underground platform that has recently emerged as a replacement to the now-defunct RaidForums.

RaidForums was a popular marketplace that offered for sale data obtained from data breaches, including credit cards, bank account numbers and credentials needed to access online accounts.

As per media reports, the leaked data included registration information of RaidForums members who registered between March 2015 and September 2020, as well as usernames, email addresses, hashed passwords, and other info. Currently, it’s unclear where the leaked database came from or who and why had created it.

ImmuniWeb can help prevent data breaches and meet regulatory requirements.
Request your free demo now and talk to our experts.

The number of phishing domains dropped after Meta lawsuit against Freenom

Meta lawsuit has led to a substantial decline in phishing domains tied to the Netherlands-based domain name registrar Freenom, which manages top-level domains of the Central African Republic (.cf), Equatorial Guinea (.gq), Gabon (.ga), Mali (.ml), and Tokelau (.tk) and is favored by cybercriminals due to its policy of hiding the identities of its customers.

In March 2023, social media giant Meta sued Freenom, alleging cybersquatting violations and trademark infringement. Following the lawsuit Freenom halted domain registrations.

It seems that the lawsuit proved to be effective, as the number of phishing domains linked to Freenom’s commercialized ccTLDs dropped from 60% in November 2022 to meager 15% in the months following the lawsuit.

Cybersecurity Compliance

Prevent data breaches and meet regulatory requirements

Cybersecurity
Legal Advisory
Learn More

Private details of nearly 9M of MCNA Dental patients exposed after Lockbit ransomware attack

Around 9 million people had their personal data compromised following a ransomware attack on MCNA (Managed Care of North America) Dental, one of the largest dental insurers for government-sponsored Medicaid and CHIP programs in the United States.

The company said it detected unauthorized activity in its network on March 6, 2023 and launched an investigation, which showed that the attackers stole customers’ personal information. The impacted data included first and last name, address, date of birth, phone number, email, Social Security numbers, information about health insurance and other medical data.

On March 7, the notorious Lockbit ransomware gang claimed responsibility for the hack and asked for a $10 million ransom, threatening to publish 700 GB of data allegedly stolen from MCNA Dental. Apparently, the company did not pay the ransom, so LockBit leaked the stolen data on April 7.

Emby remotely shuts down user servers after the hack

Emby, a software company behind the eponymous media server, remotely shut down an undisclosed number of user-based media server instances after a threat actor took advantage of a vulnerability to hijack systems and install a malicious plugin for harvesting login credentials.

The Emby team developed a firmware update to scan for the offending plugin and shut down systems where it was discovered.

In other news, network security solutions provider Barracuda Networks disclosed that some of its customers’ Email Security Gateway (ESG) appliances have been compromised via a now-patched zero-day vulnerability, with hackers dropping at least three types of malware acting as backdoors on affected systems, as well as exfiltrating data.

The company said that the threat actors have been exploiting the zero-day (CVE-2023-2868) since October 2022, possibly earlier. The vendor did not disclose the number of impacted organizations, but provided a list of endpoint and network Indicators of Compromise (IoCs), as well as YARA rules to help defenders identify the threat.

ImmuniWeb Newsletter

Get exclusive updates and invitations to our events and webinars:


Private and Confidential Your data will stay private and confidential

Arbitrum's Jimbos Protocol hacked for $7.5M

Jimbos Protocol, an Arbitrum-based liquidity protocol, fell victim to a flash loan attack on May 28 that saw $7.5 million worth of Ether (ETH) tokens stolen. According to experts, the attacker took advantage of the weakness in the JimboController contract to manipulate price ranges for ETH-Jimbo conversion for personal profit.

The team behind Jimbos Protocol has acknowledged the hack on Twitter and offered the exploiter to return 90% of the stolen funds or face prosecution.

At the time of writing, it’s not clear whether Jimbos received any response from the hacker.

What’s next:

Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law.
Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential