3,279,064,312 login and password pairs. Until you see a larger number, this is the biggest data leak in history. It didn’t happen on the dark web: it happened on February 2 on the open internet, illuminated by Google’s indexing, inside GoFile, an anonymous file sharing platform. There you simply upload, receive an address and can distribute or sell. Technically, it is not even called a leak: there are many leaks gathered in a dump – a data dump.
The package offered is being called “Comb” on hacker forums, because the file name is CompilationOfManyBreaches (Compilation of Many Violations), compressed in 7z format for a total of 20 gigabytes for download. On Tuesday, February 2, the GoFile address where the Comb was stored was posted on a popular hacking forum. Initially the hacker asked for two dollars to make the file’s address available for download.
But why is the file so big? Because the person who gathered the data gathered large leaks, which may have included those from Netflix, LinkedIn, Exploit.in, Bitcoin and more. It is a leak comparable to the compilation that was published in 2017, with a total of 1.4 billion credentials.
In the file offered for download, the hacker included a script called count_total.sh. Coincidence or not, it’s the same name as the script included in the 2017 build. But the current build contains two other scripts: one called query.sh, to check for emails in the table; and another called sorter.sh, to sort the data. Count_total.sh, is a bash that counts the total number of lines in each file.
The hacker has already been banned from the fporum because he was considered a scammer: instead of opening just one conversation (thread) on the subject, he opened two. Each charge $ 2 to reveal the download address and password. As a result, he was banned.
Source: Cisoadvisor
