Pierluigi Paganini
March 21, 2017
A vendor with the online moniker “SunTzu583” is reportedly selling millions of login credentials for Gmail and Yahoo accounts on a black market in the dark web. Over 20 million Gmail accounts and 5 million Yahoo accounts are available for sale, the huge trove of data is the result of previous massive data breaches.
SunTzu583 is known to security experts, he was specialized in the sale of stolen login credentials.
A couple of weeks ago the colleagues at HackRead reported the sale of more than 1 million Gmail and Yahoo accounts by the same seller and a few days later, SunTzu583 started selling PlayStation accounts.
SunTzu583 offered 640,000 PlayStation accounts for USD 35.71 (0.0292 BTC), the dump includes emails and clear-text passwords.
SunTzu583 confirmed that the archive was not directly stolen from PlayStation network, but it does contain unique accounts of PlayStation users. The seller added that even if the accounts may work for other web services they are first of all PlayStation accounts.
Back to the present, the seller SunTzu583 is offering in separate listings millions of Gmail accounts.
In three different listings, he is offering 4,928,888 accounts.
“The total number of Gmail accounts being sold are 4,928,888 which have been divided into three different listings. All three listings contain 2,262,444 accounts including emails and their clear text passwords.” reports the analysis published by HackRead. “In the description of these listings, SunTzu583 has mentioned that “Not all these combinations work directly on Gmail, so don’t expect that all these email and passwords combinations work on Gmail.””
The researchers at HackRead who have compared the listings with Hacked-DB and Have I been pwned repositories confirmed that the sources of the data are past data breaches including LinkedIn (117 million accounts), Adobe (153 million accounts) and Bitcoin Security Forum (5 million Gmail passwords).
The vendor SunTzu583 is offering also another separate listing including additional 21,800,969 Gmail accounts that go for USD 450.48 (BTC 0.4673). According to the seller, 75% accounts contain decrypted passwords while 25% passwords are hashed.
Also in this case, HackRead confirmed that the origin of the data are various data breaches occurred in the past, including Nulled.cr breach in May 2016, MPGH.net breach, and Dropbox breach.
The seller is also allegedly selling 5,741,802 Yahoo accounts for $250 (0.2532 Bitcoins).
Most of the accounts listed were not active and the sources may be MySpace, Adobe and LinkedIn data breaches.
The dark web vendor warns users that not all the login credentials work.
[adrotate banner=”9″]
(Security Affairs – dark web, Gmail)
