538 Million Weibo users’ records being sold on Dark Web

Hackers are offering for sale on the dark web data belonging to 538 million Weibo users, including 172 million phone numbers.

Data of 538 million Weibo users are available for sale on the dark web the news was reported by several Chinese media and users on social networks.

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. The dump doesn’t include Weibo users’ passwords.

The huge amount of data is available for 0.177 Bitcoin, approximately USD 1032.

“Internet users found that 538 million Weibo user records are being sold on dark web marketplace. 107 million of the whole leaked personal data have basic account information, including user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more.” reported the website PingWest.

好吧,和你们聊聊微博的事。有人在暗网卖微博数据,5.38亿微博用户绑定的手机号,其中1.72亿有账号的基本信息,售价0.177比特币。云舒在微博披露了这事。我获得了测试数据用以验证,数据为真。微博安全总监回应是19年攻击者通过通讯录上传接口暴力匹配,当时第一时间报案。数据不涉及密码字段。 pic.twitter.com/M3fIhHenR2— Lancet (@1ancet) March 19, 2020The presence in the dump of not public users’ details, including gender and location, suggests the hackers had access to the company database.

Weibo is a popular Chinese micro-blogging (weibo) website, it was launched by Sina Corporation on 14 August 2009, it claimed over 445 million monthly active users as of Q3 2018.

The ads published by the sellers claim that the data were stolen from Weibo in mid-2019.

The company confirmed that the data were obtained in 2019 due to credential stuffing attacks and other information gathered online. The explanation provided by the company is not convincing because the dump offered for sale doesn’t include users’ passwords.

“Phone numbers were leaked due to brute-force matching in 2019 and other personal information were crawled on the Internet,” said Luo Shiyao, Director of Information Security at Weibo. “When we found the security vulnerability we took measures to fix it. We also reported to the police as soon as possible and submit related information to them. Besides, we have been investigating the ‘gray industry’ because we take user personal information very seriously, especially their personal data contains phone numbers.”

“Don’t be credulous. Both password fields and Know Your Customer (KYC) data fields are not shown in the description. Don’t worry too much. Good night.” Luo added.

The seller also shared samples of the data that are legitimate.

The Chinese company already notified authorities about the incident, the investigation is still ongoing.