2 min read

Hundreds of thousands of cryptocurrency investors put at risk after BuyUCoin security breach

Graham CLULEY

January 25, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Hundreds of thousands of cryptocurrency investors put at risk after BuyUCoin security breach
  • Data from Indian cryptocurrency BuyUCoin has been leaked online
  • Notorious hacking group appears to have accessed unsecured MongoDB database

Another day, and another report that a cryptocurrency exchange has been breached by malicious hackers.

Indian cryptocurrency exchange BuyUCoin says that is investigating claims that sensitive data related to hundreds of thousands of its users has been published on the dark web, where it is available for free download.

The 6GB of leaked data is said to have been found in a MongoDB database that BuyUCoin had left unsecured, and included users’ bank account details, email addresses, bcrypt-hashed passwords, mobile phone numbers, and Google sign-in tokens.

The data was subsequently leaked by the ShinyHunters gang which has a history of publishing data breaches.

Such details could, of course, be used by other online criminals to scam and defraud cryptocurrency investors.

Existing customers of BuyUCoin, including security researcher Rajshekhar Rajaharia, have confirmed the authenticity of the data breach by finding their own information in the leaked data.

Screenshots posted on social media of the data leak suggest that information included in the leaked database may have been accessed as recently as last September.

However, for now at least, BuyUCoin is sending mixed messages regarding whether a breach has occurred or not.

Initially a statement from the BuyUCoin’s CEO Shivam Thakral was released saying: “In the mid of 2020, while conducting a routine testing exercise with dummy data, we faced a “low impact security incident” in which non-sensitive, dummy data of only 200 entries were impacted. We would like to clarify that not even a single customer was affected during the incident.”

That statement, however, was later replaced on BuyUCoin’s blog with another that said the company is “investigating each and every aspect of the report about malicious and unlawful cybercrime activities by foreign entities in mid-2020.”

The cryptocurrency exchange says that it will keep users updated with its investigation uncovers, and will “conduct a major cybersecurity overhaul throughout 2021 to upgrade platform security.”

I don’t know about you, but I’m not sure that’s going to reassure many cryptocurrency investors at this stage.

There is a simple checklist which administrators of MongoDB databases can follow to help ensure that sensitive information stays out of reach of cybercriminals.

Unfortunately, it is still all too common to find companiess are using older versions of the MongoDB software, which didn’t require a password by default.

Past victims of hacks associated with MongoDB databases breaches have included Verizon, dating website BeautifulPeople, and millions of users of an Android keyboard app.

If reports are confirmed that BuyUCoin left a MongoDB instance unsecured and directly accessible on the internet then it really shows a reckless disregard for the security and privacy of its users.

tags


Author



Right now

Top posts

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Prison for ex-eBay staff who aggressively cyberstalked company's critics with Craigslist sex party ads and funeral wreaths Prison for ex-eBay staff who aggressively cyberstalked company's critics with Craigslist sex party ads and funeral wreaths
Graham CLULEY

September 30, 2022

2 min read
Honolulu Man Sabotaged Former Employer’s Network and Business Using Still-Active Credentials Honolulu Man Sabotaged Former Employer’s Network and Business Using Still-Active Credentials
Silviu STAHIE

September 30, 2022

1 min read
North Korean Gang Uses Compromised Open Source Software to Distribute Malware, Researchers Find North Korean Gang Uses Compromised Open Source Software to Distribute Malware, Researchers Find
Silviu STAHIE

September 30, 2022

1 min read