Las fugas de datos no han parado de aparecer durante 2020, cada semana se registran datos de nuevos robos, en algunos casos por una protección deficiente, en otros porque los ciberdelincuentes se hacen con el acceso a alguna base de datos, siempre buscando nuevos métodos para infiltrarse en infraestructuras con el fin de hacerse con el control de la información contenida.
Por norma general, al caer en las manos de ciberdelincuentes, estas filtraciones pueden ser empleadas principalmente con cuatro fines distintos:
- Extorsionar a la compañía, exigiendo un pago a cambio de su eliminación y no difusión pública.
- Explotarlos para cometer otros delitos como el fraude con tarjetas, suplantación de identidad, phishing campaigns or others.
- Sell them on the black market, where they will be acquired by third parties who will use them for the purposes mentioned in the previous point.
- Distribute them for free. This is the most common use in the context of hacktivism.
On some occasions, once the attacker has “recouped” an exfiltration, either by selling it or exploiting it, decides to make it public for free, mainly for prestige within the community. This is the path that ShinyHunters seems to have taken, by offering the free download of 368 millions of user records from 18 companies and online services.
After learning about the leak, which has been revealed by Bleeping Computer, Their managers have carried out several checks to see if the credentials are real and operational on the affected sites, some tests that turned out positive, confirming that the records are real and can be exploited currently.
The list is divided, to the 50%, into leaks that were already known, against nine others that have been made public with this ShinyHunters action and about which there are still no official statements from the victims.