Security News > 2020 > December > 250,000 stolen MySQL databases for sale on dark web auction site
Hackers have set up an auction site on the dark web to sell 250,000 databases stolen from tens of thousands of breached MySQL servers.
Back in May, BleepingComputer reported about an attacker that was stealing SQL databases from online shops and threatening victims that their data would become public if they did not pay 0.06 BTC. Although the hacker's website on the clear web listed only 31 databases, the number of abuse reports for the wallet left in the ransom note was above 200, indicating a much larger operation.
The attacker has moved from the clear web to the dark web, creating an auction site that lists 250,000 databases from 83,000 breached servers that were exposed on the public web.
The MySQL databases sold on the auction site range from 20 bytes to gigabytes in size, and are offered for the same amount - 0.03 bitcoins or $545 at current prices.
When the threat actor hacks into a MySQL server, they will execute various commands that archive and copy the databases to the attacker's infrastructure, delete them from the victim server, and then create a ransom note.
News URL
Related news
- Companies mentioned on the dark web at higher risk for cyber attacks (source)
- Dutch police arrest admin of 'Bohemia/Cannabia' dark web market (source)
- Dutch cops reveal takedown of 'world's largest dark web market' (source)
- Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation (source)
- Finland seizes servers of 'Sipultie' dark web drugs market (source)
- Dark web crypto laundering kingpin sentenced to 12.5 years in prison (source)