Research: cybercriminals sell photos of victims on dark web

According to a report from The Next Web, people can now buy almost anything on the dark web, and some cybercriminals have started selling victims' selfies there. Earlier this year, Israeli dark web research company Sixgill noticed a data dump being sold on a Russian-language dark web forum. What sets this dump apart from the thousands of others available is that each record includes a selfie of the user.

“We came across an advertisement in a closed-access forum which is predominantly Russian where someone was selling 100,000 documents for $50,000,” said Aled Karlinsky of Sixgill. “These documents include their ID or passport, proof of address, and unusually, a selfie.” Data dumps containing different forms of information are nothing new. However, this is the first time Sixgill has found selfies on the darknet.

Researchers believe that the selfie, together with the other, more traditional identity documents, may allow an attacker to open a bank account and obtain a loan in the victim's name. Some banks allow customers to open accounts by uploading scans of their ID and taking a selfie. Sixgill found that for only $70, a buyer could obtain a personal ID together with a selfie.

Karlinsky could not determine the source of the dump. He said: “The easiest way to get a selfie is to receive a mobile phone for malware. Another way is to save private information from people through a website, or invade such a website.”

Not long ago, the passports and photo IDs of 119,000 FedEx customers were found on a publicly accessible Amazon S3 server. The server is operated by Bongo International, which was acquired by FedEx in 2014. Researchers at the German security company Kromtech found documents from countries around the world, including the United States, Australia, Canada, and some European countries.

 

The researchers did not suggest that FedEx’s documents were accessed by malicious third parties. However, this example highlights how improperly configured cloud infrastructure can cause very sensitive documents to fall into the wrong hands.

Source: thenextweb