100M Stolen Youku Accounts for Sale on Dark Web

715
Unlocking online security concept
Over 100 million user accounts from Youku Inc. have been stolen and are listed for sale on the dark web by ‘CosmicDark’.

The appearance of stolen information on the dark web is neither a new trend nor is it something that will change in the near future.

Three months ago, an estimated 1 billion user accounts were stolen from NetEase Inc, an internet company considered to be one of the biggest in China, and its subsidiaries 163.com and 126.com.

Your TOR usage is being watched

The database was being sold on the dark web for just $800, and is allegedly still available for purchase.

Now, a hacker going by the moniker ‘CosmicDark’ has unveiled yet another cache of stolen user account information, this time from a Chinese video service known as Youku Inc.

CosmicDark has listed over 100 million Youku user accounts on the dark web, claiming that they have only been made live this year.

For this bundle of stolen data, the dark web digital goods seller is asking for approximately $300 in Bitcoin for the fruits of his hack.

Decrypted Emails and Passwords

For verification purposes, the seller availed 552 user accounts from his dark web loot and it was revealed that the emails and passwords to those accounts have already been decrypted using SHA1 and MD5 hashes.

Hacker in front of his computer. Dark face
The appearance of stolen information on the dark web is neither a new trend nor is it something that will change in the near future.

Security researchers also found that a majority of the emails in the cache of stolen data are based on @qq.com, @163.com, and @xiaonei.com.

The Youku Inc. data breach was confirmed by Have I been Pwned, a popular platform that lists all the websites whose information is being sold on the dark web.

Samples from the massive cache of data being sold on the dark web are already available on various locations on the internet.

Read >>
Second Judge Recommends To Discard Evidence Obtained From FBI Mass Hack

Youku Users not alerted

It is possible that the affected Youku users are not aware that their account information is being sold to the highest bidder on the dark web.

Speculation that the video service giant is still not aware of the massive breach could be true, seeing as there have been no statements issued to the press or directions given to its affected users following the discovery of their databases.

The implications this could pose, especially on the privacy of the users, are quite significant.

The video service company should act to mitigate any problems arising from the exposal of their users’ crucial credentials to dark web criminals who could use it to further exploit the people involved.

Youku Inc. is not the first nor the biggest case of data theft we’ve heard in the recent years.

The internet is still reverberating with the theft of over 21 million Gmail and Yahoo accounts that have already been put up for sale on the dark web.

The only difference is that the two information technology companies acted fast to inform their users of the data breach and advised them accordingly to mitigate the damages caused by any criminal looking to benefit off of their information.

Also available on the same marketplace where the Youku user accounts are being sold are nearly 640,000 PlayStation accounts that have already been decrypted, and millions of user accounts stolen from 25 vBulletin and 11 Bitcoin forums.

This shows that the stolen digital goods trade is one that is still thriving on this marketplace despite being largely shadowed by the illicit drug and weapons trade, malware trade, and child pornography rings.

Read >>
Hacking Forum "w0rm" Breached and Defaced

Poor Security Measures

Even as these data breaches seem to be getting out of hand, it is hard to allocate blame directly to one individual or entity.

A combination of poor security measures on the part of Youku Inc. and advanced hacking techniques from dark web vendors could have equally attributed to the hack and theft of the accounts.

Although CosmicDark has yet to reveal how exactly the hacking of Youku Inc. was orchestrated and executed, it is evident that the video service giant could use a renovation of the security systems they have put in place.

Write for us

Disclaimer:

The articles and content found on Dark Web News are for general information purposes only and are not intended to solicit illegal activity or constitute legal advice. Using drugs is harmful to your health and can cause serious problems including death and imprisonment, and any treatment should not be undertaken without medical supervision.

LEAVE A REPLY

1: No Contact Information (Thousands have tried, don't bother) 2: No promotional message.

Please enter your comment!
Please enter your name here

Your comment will appear after few minutes if it is allowed by the moderator. Refresh the page to see it.