Scary

@Scary@infosec.exchange
9 Followers
11 Following
21 Posts
Interested in exposed data and the news about the subject.
ScaryJul 5

So annoying when services you use get a subpoena and they don't bother to tell you it even happened at all. (Months down the line still nothing...)

Chronological Order:
2019 Subpoena - Mega.nz (Did not attempt to alert me at all and kept it secret)
2020 Subpoena - Google (Alerted me March 27th 2025)
2020 Subpoena - Unknown Service
2022 Subpoena - Unknown Service

Gag order 2019-2025 😅

With the Google alert I was made aware it happened (A week or so earlier I noticed all my 2FA codes on any emails I owned no longer worked and all showed - - - - - - . Guessing that was when the FBI lost access to it)

Contacted Google for the original notice they got sent (Which I found out that Mega had not notified me at all)

Header image related (Subpoena Google received from FBI)

Attached image : Alert sent by Google

ScaryJun 20

@GossiTheDog A lot of the data is all duped too , also nowhere near that amount. (Would be surprised if it was more then 500M unique emails and a nightmare to parse the creds from these exposed ES as it is so many different formats)

They all use the same feeds from telegram channels

It's just cyber news doing what cyber news does , hype everything! and news first and closing the data maybe.........

Show threadScaryJun 18
@jenkins @happygeek most are just the same old logs pulled from telegram channels and database leaks.
Show threadScaryJun 14
@chum1ng0 Funny considering that BR data is so common to find (in bulk mind you) It is up there with India.
Show threadScaryJun 12

@chum1ng0 No , but they probably sent you that cause that is exactly what they would have to do also. (assuming that it is some bucket that is exposed)

Seems even JP Cert have issues blocking access to exposed data.

Last one I reported to JP Cert back in March is still exposed now in June. (Least they actually reply to you though , unlike other CERT I have interacted with in the past)

ScaryJun 11

Anyone heard of magicdocxpress , seems they are selling fake ID's. Most of the IP's are on RU IP range.

The example ID's looks pretty good.

I would post the examples but don't want to get in trouble even though they are clearly fake.

#fraud #FraudDetection

ScaryJun 8
@GossiTheDog 😂
Show threadScaryMay 31
@LisaKalayji Was exposed for like 6 months 😂 , It's the same ol data taken from sources like telegram and imported into a ES cluster. There is an 679M one that is exposed right now also , are we going to lose our minds when that one is finally closed down the line. 😅
ScaryMay 30
@0x0ddc0ffee Never heard about it before.
Show threadScaryMay 30
@0x0ddc0ffee Gmail is honestly not that bad in terms of notifying you of requests from LE (even ones that have gag orders attached) least you will get a notification when they expire. You can't say the same about many other services out there that just keep quiet and say nothing ever. ( example Mega.nz)