A routine monitoring check within the Dark Web revealed multiple posts on a hacking forum where threat actor/s are offering alleged leaked data of Chinese citizens. The data probably posted were stolen from numerous famous Chinese services websites such as Gong’an County government site, QQ and Weibo.
One threat actor offer free sample data of the presumed 999 registrants from Gong’an County to prove the data leak he is selling. The county is a province in South Hubei bordering Hunan under the People’s Republic of China. Total data of 7.3 million Chinese citizens are up for sale, including records of Name, ID numbers, Gender, Mobile Number, Home address and code numbers.
Further study of the data revealed that the on-sale samples are from the Weibo platform users.
Weibo is a platform that poster user relationships to share, upload video and photo contents to the public via the website or mobile app. The threat actor in a Russian language hacker’s forum was found selling 41.8 million user records that include weibo_id and mobile number of a user.
QQ, on the other hand, is an instant messaging app developed by the Chinese tech giant, Tencent. QQ offers online social games, music streaming, shopping, blogging, movies, voice and text chat services.
Another threat actor is selling leaked data of 192 million user info of Chinese citizens within the dark web.
Analysis of the sampled data revealed that qq_number and its respective mobile linked to the account are listed in a spreadsheet being sold by the dealer.
The overall data being sold currently totaled over 200 million presumed to be private Chinese citizens’ accounts.
We at iZOOlogic continuously advise avoiding clicking unfamiliar links sent via emails or presented by unverified web pages, limit downloading media from the website you trust, don’t attach unfamiliar USB devices, ensure that the password you are using is complex and hard to decode, enable two-factor or SMS authentication whenever possible. Malware and malicious scripts designed to mine private and financial info are developed daily by cyberattackers, and everyone is at risk of that cyber trap.