It has been reported that millions of PayPal accounts have been traded on underground forums, which has raised a new wave of alarm in the ever-evolving landscape of cybercrime. Using the moniker “Chucky_BF”, a hacker announcing the availability of a dataset of 15.8 million PayPal accounts for the startlingly low price of $750 USD has advertised what he claims is a dataset of 15.8 million PayPal accounts.
There has been widespread discussion across social media about the trove, which allegedly contains a 1.1 gigabyte text file that stores plaintext email and password combinations, making them accessible and ready for immediate use for malicious purposes. According to the hacker, the records he created cover a wide range of email providers, such as Gmail, Yahoo, Hotmail, among others, suggesting that the victims are spread around the globe.
A concern, however, may be the inclusion of PayPal-specific login URLs and mobile URLs, which appear to be structured in such a way as to facilitate an automated exploit. The stolen credentials are organized along with direct links to PayPal sign-in portals that you can use to sign into PayPal—for example, the /signin, /signup, /connect, and the Android application URIs—in a way that makes them easy for cybercriminals to deploy as a toolkit.
According to screenshots of the offer being circulated on the
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: