Russia’s Facebook alternative, VK site hacked, data sold on Dark Web underground forums for 1 Bitcoin
The Facebook equivalent of Russia, VK was hacked by hackers who stole personal information of registered users and is selling it on Dark Web underground forums.
According to breach notification site LeakedSource, accounts of over 100 million users of popular social media site VK.com are being transacted on the digital underground. The site obtained the data and published an analysis on Sunday. In the meantime, the hacker known as Peace, has put up the data for sale on a dark web market.
Heavily inspired by Facebook, VK.com based in St. Petersburg, Russia – formerly known as VKontakte – is said to be the largest European online social networking service, with over 350 million users at the last count. The site was founded by Pavel Durov, who sold his stake in VK and created the messaging app Telegram. The site has all the same features one might expect, where users can message each other publicly or privately, create groups, public pages and events, share and tag images, audio and video, and play browser-based games.
The hack is thought to have been carried out sometime between 2011 and 2013, but Peace who is selling the data could not be more precise. He has claimed to have access to another 71 million accounts, but decided not to sell them yet.
A database containing a total of 100,544,934 records was provided by Peace to Motherboard, and LeakedSource was provided a smaller sample for verification purposes. The stolen database contains full names, email addresses and passwords, and in many cases locations and phone numbers.
The passwords were already in plain text when the site was hacked, and were not cracked at a later date, according to Peace. The hacker is selling the data on a dark web marketplace for 1 bitcoin, or around $570-$580 at today’s exchange rates.
Motherboard found that out of 100 randomly selected email addresses from the larger database, 92 agreed to active accounts on the site. Motherboard confirmed that the password was correct, when they got in touch with a Russian friend.
While most of the phone numbers were genuine, not all of users had numbers listed. At the time of writing, a phone number is required upon registration, but that was not always the case.
According to LeakedSource’s blog, the data was given by someone who used the alias “Tessa88.” This is the same false name that came up around the recent proliferation of user data from MySpace.
The most general password in the database was “123456,” with 709,067 appearances. Similarly, several other passwords were predictable, including “qwerty,” “123123,” and “qwertyuiop,” according to LeakedSource’s study.
The huge number of email addresses uses the “@mail.ru” domain, with 41,132,524. Other Russian services rule the list of top email domains, according to LeakedSource.
Neither Durov from Telegram or the press contact for VK have responded to a request for comment by Motherboard.
