Mastodawn

New breach: Last month 26M unique email addresses were collated from info stealer logs in Telegram channels. Data also included passwords and the websites they were entered into, captured by info stealer malware. 90% were already in @haveibeenpwned. More: https://www.troyhunt.com/begging-for-bounties-and-more-info-stealer-logs/

Begging for Bounties and More Info Stealer Logs

TL;DR — Tens of millions of credentials obtained from info stealer logs populated by malware were posted to Telegram channels last month and used to shake down companies for bug bounties under the misrepresentation the data originated from their service. How many attempted scams do you get each day? I

Troy Hunt

Show thread

Jasmine Aug 1, 2024

@haveibeenpwned instead of using this ai tool for art, consider paying struggling artists for good art?

Show thread

keschi

Θ Aug 1, 2024

@haveibeenpwned @troyhunt here's the deal though: one of my honeypot email addresses is in this specific leak, but none of my real ones are. I would feel comfortable sharing more details in DMs to elaborate.

I am also certain that none of my systems are running any sort of info stealer malware.

So, this leak cannot be purely a info stealer leak - it is definitely a combined list of some sort again.