Show vulnerabilities with patch / with exploit
26 May 2020

Hackers put up for sale SQL databases stolen from online shops


Hackers put up for sale SQL databases stolen from online shops

Cyber crooks are offering for sale more than 30 SQL databases stolen from e-commerce shops from various countries. According to Bleeping Computer, malicious actors search for insecure servers exposed online, compromise them and leave a ransom note after copying the data from hacked servers.

Crooks are threatening to leak the content of the database if the victims don’t pay BTC 0.06 (approx. $534 at current price) in ten days. The ransom notes included several wallets that received more than 100 transactions for a total of BTC 5.8 ($51,633 at current price).

“The number of abuse reports for these two wallets is over 200, the oldest being from September 20, 2019. The most recent one is from May 20 and this month alone there were nine reports, indicating that the actor is highly active,” Bleeping Computer wrote.

The seller is offering 31 databases, more than half of which are from online shops in Germany, other compromised databases are from Brazil, the U.S., Italy, India, Spain, and Belarus. The hacked online shops were running Shopware, JTL-Shop, PrestaShop, OpenCart, Magento v1 and v2 e-commerce platforms.

The databases contain in total 1,620,000 rows, and depending on the store, the information includes email addresses, names, hashed passwords, postal addresses, gender, and dates of birth.

Back to the list

Latest Posts

Weekly security roundup: July 13, 2020

Weekly security roundup: July 13, 2020

A short overview of last week's top stories in the world of cyber security.
13 July 2020
Hackers are attempting to exploit recent Citrix vulnerabilities

Hackers are attempting to exploit recent Citrix vulnerabilities

Citrix downplayed the impact of the vulnerabilities and said they are less likely to be exploited compared to CVE-2019-19781.
13 July 2020
Zoom patches critical bug affecting Zoom client for Windows

Zoom patches critical bug affecting Zoom client for Windows

The company has also released a planned update for Phone and Web users, which brings AES-256 bit encryption.
13 July 2020