Posted on July 30, 2020 at 2:07 PM
Hacker Does Twisted Charity: Gives Away 386 Million Stolen Records
ShinyHunters is a hacker that has made a lot of waves during the first two weeks of May. The short of the story is they offered 200 million new, fresh stolen data records for sale on the dark web. Now, however, the mysterious figure stated that he has made “enough” money, and has opted to dump the stolen data for free on a commercial dark web hacker forum.
A Mysterious Stranger Of Hacking
What makes ShinyHunters such an enigma is the fact that they didn’t recycle any data from old breaches in their offering. Two hundred million records that were prime, unexploited bits of data was very valuable.
As time went on, ShinyHunters, who had before May been nothing but a fancy handle, has turned into a very well-known data breach broker by the start of July of 2020. They’ve even managed to substantially increase the number of breaches under their belt, which only skyrocketed the profitability of their business
As it stands now, it’s unclear exactly how much money this ShinyHunters have managed to gain through the hacking and subsequent selling of data. Some of the databases that were breached were offered up wholesale for as much as $100,000 apiece. As stated before, data is something that’s very valuable, sure, but only if it’s fresh.
Out-of-date information is about as useful as expired medicine, which only makes fresh data all the more valuable. While most of these databases were fresh, it should be noted that a majority of the passwords within these databases were hashed and encrypted, rather than being easily accessed plaintext.
Quite A Profitable Trade
As ShinyHunters kept plying their trade, reports have come up to suggest the average going rate for the database dumps they provide. These reports speculate that the price for this data is anywhere between $1,500 to $2,500 apiece.
Stolen data, however, doesn’t stay fresh for long. It’s not that uncommon for records to be given away after some time, as they’ve essentially “expired” in the eyes of hackers and malicious actors.
A Thickening Plot
The surprise, however, is when ShinyHunters decided to up and give away 386 million records, completely free. These records, according to the claims, encompassed 18 individual data breaches, with nine of them not even having been disclosed until now. This comes by way of Bleeping Computer, who details the full extent of the data breach listings.
ShinyHunters opted to seemingly dump a motherlode, as the data on offer is emails, real names, phone numbers, home addresses, and dates of birth. Among the slog of data, ShinyHunters claimed that there are a few valid credit card numbers, as well.
Like many in the same position would, asked the question of why ShinyHunters would opt to dump it instead of selling it. Asking the hacker directly, ShinyHunters gave a simple, odd explanation. According to the now-popular hacker, they’ve made enough money now, so they decided to leak the data for everyone’s “Benefit.”
Many Questions, But No Answers
The hacker even managed to anger cybercriminals that paid resellers for the data only days before, but stated that they simply didn’t care. They did their job, they got their money, and now just want the data available.
It’s recommended that readers of this article peruse the Bleeping Computer article, see if their data is on the dump. Even if it isn’t, it’s encouraged to increase the relative security of your respective accounts and data.
Undoubtedly, many in the world will now sit and ponder as to who this ShinyHunters is, with their strange sense of morality to “benefit” everyone by making all the data public. What type of person is only interested in doing this just for “enough” money? So many questions, but none of them will be answered, in all likelihood. That’s how the internet works, for good or for ill, and no one will probably ever know who is behind the ShinyHunters handle.