Posted on January 22, 2021 at 9:40 AM
A recent report revealed that a hacker has posted 1.9 million compromised Pixlr user accounts for free on a dark web forum.
The user records contain information that may be used by threat actors for credential stuffing and phishing attacks.
Pixlr is a popular online photo-sharing app that is free to register and use. It has features similar to the features found on professional desktop photo editor such as Photoshop. Although the basic features of the site are free, it also offers premium versions for members that include stock photos, and more advanced photo editing tools.
However, a hacker that goes by the pseudonym ShinyHunters, posted a database for free on a darknet forum, claiming that it was stolen from Pixlr portal after breaching Pixlr’s sister company 123rf. Both platforms are owned by one company, Inmagine.
Familiar hunters on a familiar territory
The ShinyHunters threat actors are well known in the hacking world, as the group has terrorized cyberspace with lots of hacking campaigns. They are known for high-end hacking activities of websites and selling of databases through data breach brokers.
ShinyHunters have been linked to some notable data breaches at Wattpad, Mathway, Promo, Dave, Chatbooks, Minted, Homechef, Tokopedia, and many others.
The recent Pixlr posted by the hacking group contains 1,921,141 user records of login names, emails, country, and SHA-512hashed passwords.
ShinyHunters revealed that the database was downloaded from Pixlr’s AWS bucket at the end of 2020.
After pointing the stolen database, he received several messages from other hackers in appreciation for the files, since they can use the details to launch phishing attacks in the future.
Pixlr wall emailed for a response on the situation, but the firm has not replied to any of the messages. From a little examination of the breached database, BleepingComputer affirmed that the email addresses belonged to users of the Pixlr platform.
The details in the compromised database point to the fact that Pixlr user data was breached.
As a precaution to avoid further attacks through compromised emails, security experts have advised users who are affected on the next line of action.
Users have been advised to change their passwords as soon as possible. When choosing a new password, they should pick a very strong one that’s not linked or have any resemblance with other passwords they use elsewhere.
As has been a note, some threat actors can hack into an account based on information and details retrieved from a similar account on another platform.
If the same password from Pixlr is used in another site, it makes the hacker’s job easier as they can hack into the account.
For those who are afraid of forgetting their passwords, it’s recommended that they use a password manager that will keep all their accounts safe and active at the same time.
The extent of hacking incidents has risen to an unimaginable extent. Hackers have now become more sophisticated and strategic when they are launching attacks on their next victim.
A major blow to Company’s goals
Pixlr is part of the INMAGINE creative ecosystem, which is designed to give users easy access. The platform has been undergoing tremendous product development since 2017. There are new updates on the platform, which includes the ability to leverage machine learning and artificial intelligence on the platform to accelerate content creation.
The platform says it also provides millions of stock content to paid subscribers looking for a faster, smarter, and easier design experience.
An additional feature is the ability of Pixlr subscribers and users to access unlimited design assets and intelligent editing tools for creative image photo and image editing.
However, the recent attack and compromise of its platform will be a major blow to the company’s goals and aspirations.