During a routine Dark web monitoring, the Research team at Cyble found multiple posts where threat actors are offering for sale alleged data leaks related to Chinese citizens. Data might have been stolen from multiple popular Chinese services, including Gongan County, Weibo, and QQ.
Gong’an County is a county in southern Hubei province, People’s Republic of China, bordering Hunan to the south. It is under the administration of Jingzhou City. A threat actor is offering sample data of alleged 999 household registrations of Chinese citizens from Gong’an county as a proof of the hack. Data belonging 7.3 million Chinese citizens are available for sale, the records include Id, Sex, Name, Birth, Mobile, Address, and Code number.
Experts also noticed the sale of data related to users of the Weibo platform.
“The threat actor was selling 41.8 million records on a Russian-speaking cybercrime forum.” reads the post published by Cyble.
“During the analysis of the sample data, it was noticed that the weibo_id and respective mobile number were listed in an excel sheet. The threat actor is selling details of 41.8 Million chinese users on the darkweb.”
Cyble researchers also discovered a threat actor offering records belonging to users of the popular Tencent-owned QQ instant messaging software service and web portal. The threat actor is selling details of 192 Million Chinese users on the darkweb.
The analysis of the sample data revealed the presence of the qq number and respective mobile number in an excel sheet.
The overall availability of records related to Chinese citizens is over 200 million.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, China)
[adrotate banner=”5″]
[adrotate banner=”13″]
FBI warns Silent Ransom Group has targeted U.S. law firms for 2 years using callback…
The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices…
Law enforcement operation codenamed 'Operation RapTor' led to the arrest of 270 dark web vendors…
A Chinese threat actor, tracked as UAT-6382, exploited a patched Trimble Cityworks flaw to deploy…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Samsung MagicINFO 9 Server vulnerability to its…
Signal implements new screen security on Windows 11, blocking screenshots by default to protect user…
This website uses cookies.
