A hacker, hiding under the pseudonym NightLion, claims that has exploded the service for monitoring and aggregating leaks DataViper and has already put on sale over 8 thousand company databases on the darknet.
Specialists often scan hacker forums, insert sites and other sources in search of data, stolen from various companies. Such information is usually stored privately, and access to it is provided only to customers of the aggregator.
On the Empire, a trading platform on the darknet, an attacker has already put up for sale 8225 databases, where he claims that there are personal data of 15 billion users.
By the way, let me remind you that Digital Shadows analysts say that more than 5 billion unique credentials can be found on the black market
NightLion also sent dozens of media outlets on its website on the darknet, where it published data samples, and also explained in detail why and how it attacked DataViper.
Apparently, the whole point is that an American information security expert Vinny Troia owns Night Lion Security and DataViper. No wonder the hacker took the pseudonym NightLion, which coincides with the name of the Troy company, and he openly declares that he wants to damage the reputation of the researcher and bring him to clean water.
In his ezine, the hacker tells in detail that he spent three months on the DataViper servers, stealing the databases that the service indexed for its leak monitoring service.
“Troia’s service is no better than WeLeakInfo and LeakedSource aggregators, closed by law enforcement agencies. It provides access to the collected data not only to companies and law enforcement agencies, but also to attackers, with whom it cooperates (including members of the GnosticPlayers group)”, – writes the cracker.
On his website, the hacker published a complete list of 8225 databases that were collected by DataViper, a list of 482 downloadable JSON files containing samples of stolen data, and proof that he really had access to the DataViper backend.
Most databases from the NightLion list relate to old leaks that occurred many years ago, and the data leaked to the network long ago and can be found in many different sources. However, a number of companies listed on the hacker list have never reported security problems and data leaks. NightLion writes that he’s not even sure that Troy informed these companies about hacks, and they had the opportunity to deal with the problem and notify their users.
Vincent Troia told ZDNet reporters that the hacker really got access to one of the DataViper servers, but it was only a test server.
According to the expert, the hacker is selling his own databases, rather some information stolen from DataViper. He assures that this data has been publicly available for many years, and in some cases, Troia really received information from the same hacker communities, which uses an attacker. In particular, the researcher believes that the attacker is associated with several hacker groups, including TheDarkOverlord, ShinyHunters and GnosticPlayers.
Troia explains that he described the activities of these groups in his book, released this spring, and now hackers are trying to damage his reputation.
“When people think that they are illegal, they become careless. So much so that they forget to look at their own historical mistakes. I described this whole scenario in detail in my book when I let them access my web server to find out their IP addresses. But they don’t learn anything. All they got access to is just a development environment. All this is the actions of frightened boys who have been pressed against the wall and are facing a loss of freedom,” — comments Vincent Troia.
He also believes that this action was timed to coincide with his speech at the SecureWorld conference that could take place in the middle of this week. In his speech, the expert plans to cover on the topic of these hackers and their real personalities.
