Personal Data of more than 100 Million Russian for sale in dark web for $3,000 USD

Many of the cryptocurrencies that currently exist, especially Bitcoin, are still used in criminal activities, as mentioned by hacking course experts. This time, experts report that a group of threat actors has stolen the data of more than 120 million Russian drivers to put it up for sale on dark web forums. Those interested in the compromised information can make transfers with cryptocurrency. 

The compromised information includes details such as:

  • Full names
  • Addresses
  • Passport numbers, among other details

After a few days of speculation, it was revealed that the information belonged to drivers and car owners in Russia.

According to the experts of the hacking course, the data was extracted from the General Administration for Transit Security of the Ministry of the Interior, the entity in charge of the transit record of the Russian police. The authenticity of the data has already been corroborated by a local official.

The information was posted on a hacking forum, and those responsible ask interested parties for a Bitcoin (BTC) transfer. The full version of the stolen database is sold for 0.3 BTC (approximately $2,900 USD depending on the exchange rate at the time of writing). Hackers also offer the sale of a specific selection of data for 1.5 BTC (about 14 thousand 500 dollars).    

Multiple signatures and specialists in the hacking course report the increase in the use of cryptocurrencies as a payment method for illicit transactions on dark web. According to a report by Chainanalysis, a New York-based blockchain analytics company, the volume of cryptocurrency flow on dark web sites doubled in 2019 compared to the previous four years.

The exposure of compromised information has also increased significantly, and threat actors even publish this information on hacking forums for free or in exchange for negligible amounts. A few weeks ago, experts reported selling more than 500,000 Zoom account access credentials for less than a penny of a dollar each.  Last March, the Trident Crypto Fund cryptocurrency platform suffered a considerable security breach that resulted in the theft of 266,000 usernames and passwords.

For further reports on vulnerabilities, exploits, malware variants and computer security risks you can access the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.