Gnosticplayers: The attacker who has gone by the name Gnosticplayers in the past is back with a new database of users which they claim to be from Zynga, a mobile game developer. After releasing a statement a week ago, Zynga stated they had been the victim of a cyber-attack, where a malicious actor was able to steal their user’s information. The database is now being posted on the darknet by the known hacker Gnosticplayers. The attacker is believed to be a single person that continues to leak troves of data on the darknet, some being for sale and other information is for trade. The attacker confirmed that names, email addresses, usernames, and SHA1 hashed and salted passwords were included in the breach. It is not believed that any financial information was taken at this time, but the investigation is ongoing.
Analyst Notes
Gnosticplayers is responsible for some of the biggest breaches of the year, all being put up for sale on the darknet. Although they have seemed to slow down slightly in their efforts, it is likely we will continue to see this actor as one of the prominent attackers breaching companies and selling the data.
