- Security researchers find that the threat actor announces an important database
- The file supposedly belongs to Virtualmacosx.com
- Contains passwords, bank data and other confidential information.
Thousands of records belonging to the users of Virtualmacosx, including bank information, have leaked in a recently popular piracy forum, according to experts.
Cyber security researchers Security detectives say they found a new thread in a popular Clearweb piracy forum (a forum housed on the conventional Internet), in which the poster offered a database to anyone who comments, or interacts with the thread, for free.
Supposedly, the database belongs to the customers of Virtualmacosx.com, a cloud -based service that provides virtual Mac OS X servers and desks, and contains 176,000 lines, divided into three separate .txt files. These files contain user identifications of people, full names, business names, email addresses, postal addresses, telephone numbers, passwords, password restoration keys, bank names, banking names, bank codes, bank accounts and several support tickets.
Stable operations
The threat also contained a sample of 34 lines of the database, security detectives said, added that their superficial analysis confirmed the authenticity of the data.
“Although the data seemed genuine and we saw indicative in the invoices sent to Virtualmacosx, we could not definitely confirm that the data belonged to the Virtualmacosx clients such as, due to ethical considerations, we refrain from testing the exposed credentials,” the researchers said.
We would argue that it is unusual for cybercriminals to give a new database that contains bank data and passwords for free, so it could also be that the database is false or recycled of a previous violation. A quick search on Google showed previously reported infractions in Virtualmacosx.com.
In any case, users must definitely restore their passwords, even on any other platform where they could have used the same set of credentials.
In addition, they must closely monitor their bank accounts for any suspicious transaction. Finally, they should be attentive to the emoros of phishing well elaborated that are passed through virtualmacosx.com.
