- Security researchers find threat actor advertising a major database
- The archive allegedly belongs to VirtualMacOSX.com
- It contains passwords, bank data, and other sensitive information
Thousands of records belonging to VirtualMacOSX users, including banking information, have been leaked on a popular hacking forum recently, experts have claimed.
Cybersecurity researchers Safety Detectives say they found a new thread on a popular clearweb hacking forum (a forum hosted on the mainstream internet), in which the poster offered a database to anyone who would comment, or otherwise interact with the thread, for free.
Allegedly, the database belongs to the customers of VirtualMacOSX.com, a cloud-based service that provides virtual Mac OS X servers and desktops, and contains 176,000 lines, split across three separate .txt files. In these files were contained people’s user IDs, full names, company names, email addresses, postal addresses, phone numbers, passwords, password reset keys, bank names, bank types, bank codes, bank accounts, and various support tickets.
Operations stable
The threat also contained a 34-line sample of the database, Safety Detectives said, adding that their superficial analysis confirmed the data’s authenticity.
“Although the data appeared genuine and we saw indicatives in invoices sent to VirtualMacOSX, we could not definitively confirm that the data belonged to VirtualMacOSX’s customers as, due to ethical considerations, we refrained from testing the exposed credentials,” the researchers said.
We would argue that it is unusual for cybercriminals to give away a brand new database containing both banking data and passwords for free, so it could also be that the database is either fake, or recycled from a previous breach. A quick Google search showed no previously reported breaches at VirtualMacOSX.com.
In any case, users should definitely reset their passwords, including on any other platforms where they might have used the same set of credentials.
Furthermore, they should closely monitor their bank accounts for any suspicious transactions. Finally, they should be on the lookout for well-crafted phishing emails impersonating VirtualMacOSX.com.
Leave a comment