150 GB of fresh stolen database from over 945 hacked websites being sold on Dark Web


Someone is selling fresh 150 Gigs fresh database containing unpacked SQL files from 945 hacked websites to highest bidder on Dark Web hacker forums

There is a massive ‘fresh’ database put up for sale on dark web hacker forums. Researchers from Lucy Security have found a freshly minted 150 GB database comprising of unpacked SQL files allegedly stolen from a whopping 945 websites being offered for sale on the Dark Web.

The database is fresh and contains victims’ full names and phone numbers, emails, usernames, hashed and non-hashed passwords, IP addresses, and physical addresses, along with other information. Lucy Security says that the data has been obtained by hacking 945 websites and could potentially impact at least 14 million users worldwide.

Lucy researchers say that the data collection has information from a plethora of websites and is not limited to any single region. The hacking seems to be the handiwork of different hacker groups but has been compiled into two databases and is being put up for sale to the higher bidder on dark web hacker forums.

Lucy Security researchers first spotted the databases put up for sale on the Dark Web on June 1. According to them, an unknown threat actor put the first database for sale on June 1 and the second one on June 10. The two databases contain a total of 150 GB of unpacked SQL files according to Lucy Security.

“The entity who collected and shared the databases on the dark web claims to have gathered these so-called ‘private’ databases without having committed any hacking by themselves, yet they also claim to possess even more databases, which they are planning to share or sell to the highest bidder,” Lucy Security says.

Fresh database

Usually, the databases sold on Dark Web are from hack attacks that date back to 5 years. The sellers compile the databases through credential stuffing and other means and put it up for sale. This compilation method was made famous by Ukrainian hacker, Sanix who sold such compilations named Collection #1, Collection #2, and so forth.

However, the data trove discovered by Lucy Security is a freshly minted unpacked database of SQL files. Lucy says that the data appears to be from small hacked websites like a boutique hotel in Kathmandu, a Raspberry Pi tutorial blog, a photographer from Chelsea, or an EMS service provider. These websites have less than one million visitors each, based on their Alexa rankings. According to Lucy Security, all the hack attacks took place between 2017 and 2020 and impact roughly 14 million users worldwide. Lucy researchers also found data of 14 government websites in the collection. These websites belong to the government of Ukraine, Israel, UK, Belarus, Russia, Lebanon, Rwanda, Pakistan, and Kyrgyzstan.

“This is an entirely new threat; none of the databases were known to the public before,” Lucy says. If the database is indeed new, it could command a premium on the dark web hacker forums.


About Author

"The Internet is the first thing that humanity has built that humanity doesn't understand, the largest experiment in anarchy that we have ever had." Eric Schmidt

Notify of
Inline Feedbacks
View all comments