New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Hacker Selling 93 Million Credentials

Gnosticplayers: A user going by the name Gnosticplayers is attempting to sell almost 93 million user credentials on a darknet marketplace for 2.6249 BTC, or $9,986.43 USD.  The information comes from breaches of eight different websites which includes, Jobandtalemnt, Onebip, StoryBird, StreetEasy, GfyCat, Classpass, and Pizap.  All of the compromised databases include the account holder’s name, email address/username, and password. Onebip also include the user’s PayPal and banking information as well.  This is not the first time the Gnosticplayers have posted a large data breach, but it does illustrate that the group has access to even more data than originally believed.  According to a recent post by Gnosticplayers, they have more databases which they will be looking to sell in the near term as well. It is currently unknown if any of the databases have been purchased, as Dream Market has not been reliably accessible throughout the weekend since the items were initially posted for sale.