Hacker is auctioning a database containing details of 92 million Brazilians

A database containing details of 92 million Brazilians was auctioned by a threat actor on underground forums along with a search service focused on Brazilians.

Someone is auctioning on several restricted underground forums a database containing personal information of 92 million Brazilian citizens. The threat actor, registered as X4Crow, is also advertising a search service that allows retrieving detailed information on Brazilian citizens.

Source: Bleeping Computer

The records are arranged per province, they include names, dates of birth, and taxpayer ID (CPF – Cadastro de Pessoas Físicas), taxpayer details about legal entities, or the CNPJ (Cadastro Nacional da Pessoa Jurídica).

The initial price to participate in the auction is $15,000, participants can raise the price of 110 each time.

“A post on one of the forums seen by BleepingComputer informs that the database is 16GB large, in SQL format. The starting price for the auction is $15,000 with a step up bid of $1,000.” reported Bleeping computer.

According to BleepingComputer researchers that received a sample of the database, the data are authentic.

At the time of writing, it seems that the seller has not received any bid.

X4Crow also advertises a search service that allows retrieving detailed information on Brazilians (i.e. Email address, profession, education level, possible relatives, neighbors, license plates, vehicle, ID card, driver’s license) simply providing a full name, taxpayer ID, or phone number.

“There is no guarantee that all the details will be retrieved for all individuals but the report may provide, on average, 80% of the specifics listed above.” continues BleepingComputer.

Querying the service to retrieve data on a specific company and its corporate structure could cost up to $150.

According to BleepingComputer, X4Crow is a reliable actor in cybercrime underground even if it isn’t operating for a long time.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Brazilians, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini: Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

This website uses cookies.