Home News Data Viper Servers Hacked; Over 8,000 Databases Leaked

Data Viper Servers Hacked; Over 8,000 Databases Leaked

106 million Thailand visitors

A hacker going by the name “NightLion” claimed to have stolen 8,200 backend servers of threat intelligence and data leak monitoring service Data Viper, according to a report from KrebsonSecurity. The hacker also alleged that they are selling around 2 billion records from Data Viper’s databases on the darknet forums.

The hacker emailed several cybersecurity reporters a link to a darknet portal where they published details about the servers’ hack.  He also provided the proof of the access to a list of 482 downloadable JSON files that are stolen from the breached servers. The hacker claims to have spent up to three months inside Data Viper servers and also posted advertisements on the Empire Dark Web marketplace selling 50 databases that Data Viper allegedly acquired via trading with others on cybercrime forums.

Vinny Troia, the creator of Data Viper and the security researcher at cybersecurity firm Night Lion Security admitted that the hacker group gained access to one of the DataViper servers. Troia stated that the hacker is actually selling their own databases, rather than any stolen data from their servers. He  stated that the hacker might be linked to other infamous hacking groups like TheDarkOverlord, Shiny Hunters, and GnosticPlayers.

Darknet Flood with Leaked Databases

In a similar research, security firm Cyble revealed that a hacking group Shiny Hunters is selling Wishbone.io database on darknet forums. The leaked database contained over 40 million records of Wishbone users–a social platform that allows users to compare social content via voting poll. It is found that the Shiny Hunters group was responsible for numerous data breaches including the breach of 73.2 million user records from over 11 companies. The hackers are also behind the Tokopedia data breach, in which 91 million user records were compromised and kept on sale on the hacking forums for $5,000. Later, the group breached India-based online learning platform Unacademy, which exposed details of 22 million users and kept the records for sale on the darknet forums for $2,000.