332 Million Email Addresses Scraped from SOCRadar.io Dumped Online


A hacker known as USDoD claims to have scraped 332 million email addresses from SOCRadar.io, which were later dumped online by another threat actor, Dominatrix. This dump raises a significant security concern as SOCRadar.io is a prominent threat intelligence platform.

A threat actor known as Dominatrix has published a trove of 332 million email addresses on Breach Forums, allegedly scraped from SOCRadar.io, a comprehensive cyber intelligence platform that provides a range of services to help organizations protect against cyber threats.

Incident Details

This incident, which is NOT a data breach, took place in July 2024. The announcement on cybercrime and hacker platform Breach Forums detailed that USDoD, known for previous high-profile data breaches, was responsible for scraping SOCRadar.io.

The 14GB CSV file, containing only email addresses and no passwords, was parsed from stealer logs and combolists, which typically contain data harvested through malware infections and aggregated from various data breaches.

USDoD was initially selling the scraped data for $7,000 on 28 July 2024. However, Dominatrix, who claimed to have purchased the data from USDoD, made the data publicly available on August 3, 2024, stating:

“Hello BreachForums Community, Today I have uploaded a SocRadar database for you to download, thanks for reading and enjoy! In July 2024, @USDoD scraped socradar.io extracting 332 million emails parsed from stealer logs and combolists. I have purchased the data to share with you all today.”

Screenshot: Hackread.com

The Hacker USDoD

USDoD is a well-known figure in the cybercrime community, with a history of breaches and data leaks. Some of the notable incidents include:

Implications of the Incident

Although the exposure only contains email addresses without passwords, PII (Personally Identifiable Information), or KYC (Know Your Customer) data, it still has several serious implications. One of the primary concerns is the increased risk of phishing and spam. With such a large dataset, individuals and organizations can expect a surge in phishing attacks and spam campaigns.

Additionally, the leak opens the door to brute force attacks, where cybercriminals attempt to log in to existing accounts on various websites. By using email addresses from the breach, hackers can also find corresponding passwords from previous data breaches and compromise target accounts. This makes it essential for individuals to use unique passwords across different sites and enable multi-factor authentication where possible.

Web Scraping

Web scraping, or data scraping, is an automated process utilized by software to extract data from websites, primarily for gathering specific information from web pages. The process is almost impossible to block since Chess.com is a large website.

Large websites use various measures to prevent scraping, such as rate limiting and captcha challenges. However, scrapers are constantly developing new techniques to circumvent these measures, and some scrapers may collect the data for research purposes, such as to study social networks or to develop machine learning models.

SOCRadar.io’s Response

As of now, there has been no official response from SOCRadar.io regarding the incident. The cybersecurity community awaits their statement and any measures they plan to implement to prevent such incidents in the future.

Hackread.com has reached out to SOCRadar for comment. Stay tuned!
