1 min read

Extortion Campaign Targeting Online Shops Threatens to Sell Customer Database Unless Ransom is Paid

Alina BÎZGĂ

May 26, 2020

Extortion Campaign Targeting Online Shops Threatens to Sell Customer Database Unless Ransom is Paid

Cyber thieves are putting up for sale on a public website more than two dozen SQL databases of e-commerce platforms from across the globe.

The unnamed hackers breached unsecure servers of multiple online shops, copied their content and left a ransom note:

“To recover your lost Database and avoid leaking it: Send us 0.06 Bitcoin (BTC) to our Bitcoin address xxxxxxxYHxxxxxxx and contact us by Email with your Server UP or Domain name and a Proof of Payment. If you are unsure if we have your data, contact us and we will send you a proof. Your Database is downloaded and backed up on our servers. Backups that we have right now: xxxx, classic models, xxxx, if we dont receive your payment in the next 10 Days, we will make your database public or use them otherwise”.

According to Bleeping Computer, some of the wallets used by the bad actors have already received a combined total of BTC 5.8 (about $51,000) in about 100 transactions.

In total, 31 databases are listed, and more than half are attributed to German-based online stores. However, multiple e-commerce platforms from the U.S., Brazil, Italy, Spain and India are also listed.

Depending on the retailer, the databases contain various inputs of personal data belonging to customers, including: email addresses, names, hashed passwords, dates of birth, gender and postal code.

Check now if your personal info has been stolen or made public on the internet, with Bitdefender”s Digital Identity Protection tool.

While these databases might not stand out in value, the information can be used to conduct targeted phishing attacks on unsuspecting customers, and resold to multiple parties that could further leverage the data for financial gain.

Perhaps, following this extortion campaign, online vendors will start improving their security and server protection to prevent further attacks and keep customer data protected from unauthorized access.

Hackers are resilient in their attempts to capitalize on stolen data, and even if a vendor chooses to pay the “ransom”, it does not guarantee that the bad actors will cease their extortion campaign.

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Romance scammers arrested in Texas for defrauding elderly lonely hearts Romance scammers arrested in Texas for defrauding elderly lonely hearts
Graham CLULEY

September 28, 2021

3 min read
iCloud Private Relay Vulnerability Exposes User IP Addresses, Researchers Find iCloud Private Relay Vulnerability Exposes User IP Addresses, Researchers Find
Silviu STAHIE

September 27, 2021

1 min read
Bitcoin.org Compromised; Attackers Posted “Double Your Money” Announcement Bitcoin.org Compromised; Attackers Posted “Double Your Money” Announcement
Silviu STAHIE

September 27, 2021

1 min read