Security News > 2020 > December > 250,000 stolen MySQL databases for sale on dark web auction site
Hackers have set up an auction site on the dark web to sell 250,000 databases stolen from tens of thousands of breached MySQL servers.
Back in May, BleepingComputer reported about an attacker that was stealing SQL databases from online shops and threatening victims that their data would become public if they did not pay 0.06 BTC. Although the hacker's website on the clear web listed only 31 databases, the number of abuse reports for the wallet left in the ransom note was above 200, indicating a much larger operation.
The attacker has moved from the clear web to the dark web, creating an auction site that lists 250,000 databases from 83,000 breached servers that were exposed on the public web.
The MySQL databases sold on the auction site range from 20 bytes to gigabytes in size, and are offered for the same amount - 0.03 bitcoins or $545 at current prices.
When the threat actor hacks into a MySQL server, they will execute various commands that archive and copy the databases to the attacker's infrastructure, delete them from the victim server, and then create a ransom note.
News URL
Related news
- Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web (source)
- FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals (source)
- Tor insists its network is safe after German cops convict CSAM dark-web admin (source)
- Companies mentioned on the dark web at higher risk for cyber attacks (source)