Data breaches remain a lucrative business for Internet criminals, especially when they want to sell information for Bitcoin. A data dump containing over 33 million hacked Twitter accounts are now up for grabs in exchange for 10 Bitcoin.
According to ZDNet, the hacker selling these Twitter details has been linked to the recent LinkedIn, Tumblr, and Myspace data breaches. But this time, the individual – or collective – went after a much bigger platform by targeting Twitter. As it turns out, platform users have had their passwords exposed somehow. Malware seems to be the most likely culprit, as Twitter has not reported a data breach.
Tessa88 is the name of the seller and a name that has been mentioned in most of the other breaches as well. This Russian individual claims to have obtained over 33 million credentials belonging to Twitter users. All of the passwords are available in plain text, and the information envelops email addresses and usernames as well.
To make matters even worse, Tessa88 claims he obtained 379 million accounts back in 2015. It is difficult to verify this assertion, considering Twitter “only” has 310 million active users. Then again, LeakedSource ran a database analysis, which confirms roughly 33 million unique accounts are present, after removing a lot of duplicates.
So far, LeakedSource managed to trial 15 different accounts, and all of them seemed to work fine. It is very likely the passwords were stolen from consumers directly, which would explain why they are stored in plain text. However, it is important to note no one knows for sure whether or not Twitter encrypts and salts user passwords either.
As one would come to expect from such a treasure trove of information, it can be purchased on the deep web. Bitcoin is the only accepted payment form, and the price for the entire database is set at 10 BTC. At current prices, this means 33 million Twitter accounts are worth US$5,800 to the hacker.
For some reason, internet criminals continue to flock to Bitcoin as a payment method. The cryptocurrency is not anonymous, and all transactions can be traced in real-time. There is an aura of anonymity surrounding Bitcoin, albeit it is entirely unjustified.
What are your thoughts on this Twitter data dump? Let us know in the comments below!
Images courtesy of Twitter, Shutterstock
1 Hova Villas Brighton & Hove
BN3 3DH United Kingdom
All rights reserved by Bitcoinist Ltd. | 2016.