ZDNet: “A hacker who spoke with ZDNet in February about wanting to put up for sale the data of over one billion users is getting dangerously close to his goal after releasing another 65.5 million records last week and reaching a grand total of 932 million records overall. The hacker’s name is Gnosticplayers, and he’s responsible for the hacks of 44 companies, including last week’s revelations. Since mid-February, the hacker has been putting batches of hacked data on Dream Market, a dark web marketplace for selling illegal products, such as guns, drugs, and hacking tools. He’s released data from companies like 500px, UnderArmor, ShareThis, GfyCat, and MyHeritage, just to name the bigger names. Releases have been grouped in four rounds —Round 1 (620 million user records), Round 2 (127 million user records), Round 3 (93 million user records), and Round 4 (26.5 million user records)….
Hackers like Gnosticplayers are part of small underground communities of hackers and data hoarders. They hack companies, steal their data, and then sell it to vetted partners. This data is filtered and organized in various categories. Stolen email addresses are sold to spam botnets. Financial details are sold to groups specialized in online fraud or tax scams. Usernames and cracked passwords are sold to botnet operators specialized in credentials stuffing attacks. This is a lucrative business, and many of these hackers don’t have to sell their data on public marketplaces like Dream Market….”