- Security researchers find the threat actor announcing a major database
- The archive would belong to virtualmacosx.com
- It contains passwords, banking data and other sensitive information
Thousands of files belonging to the users of VirtualMacosx, including banking information, have been disclosed on a recently popular hacking forum, experts said.
The safety detectives of cybersecurity researchers say that they have found a new thread on a popular Clearweb piracy forum (a forum hosted on the mainstream internet), in which the poster offered a database to all those who comment or interact otherwise with the wire.
Alert to the database belongs to virtualmacosx.com customers, a cloud -based service that provides servers and virtual OS X virtual desktops, and contains 176,000 lines, divided on three distinct .TXT files. In these files, user IDs, complete names, business names, email addresses, postal addresses, telephone numbers, passwords, password reset keys, banking names, banking types, banking codes, bank accounts and various support tickets.
Stable operations
The threat also contained a sample of 34 lines in the database, said security detectives, adding that their superficial analysis has confirmed the authenticity of the data.
“Although the data seem authentic and we have seen indicatives in the invoices sent to VirtualMacosx, we could not definitively confirm that the data belonged to virtualmacosx customers, due to ethical considerations, we have refrained from testing the references exposed,” said the researchers.
We will say that it is unusual for cybercriminals to give a whole new database containing banking data and passwords, it could also be that the database is false, or recycled from a previous violation. A quick search on Google has not shown no violation previously reported on virtualmacosx.com.
In all cases, users must certainly reset their passwords, including on all other platforms where they may have used the same identification set.
In addition, they should close their bank accounts closely for any suspicious transaction. Finally, they should be looking for well-designed phishing emails imitating virtualmacosx.com.
