• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 17th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Hacking News
Leaks

Hacker Selling 68 Million Stolen Dropbox User Accounts on Dark Web

September 4th, 2016 Waqas Security, Leaks 0 comments
Hacker Selling 68 Million Stolen Dropbox User Accounts on Dark Web
Share on FacebookShare on Twitter
The stolen Dropbox data is now available for sale on the dark web — Yet another blow to the online file hosting and storage giant.

On 31st August 2016, unknown hackers leaked 68 million Dropbox user accounts including login emails and encrypted passwords from a breach that took place in 2012. Initially, the leaked data was accessible to several breach notification sites such as Hacked-DB, LeakedSource, and HaveIbeenPwned, but now a vendor going by the online handle of “DoubleFlag” is selling the same DropBox data on a dark web marketplace known as TheRealDeal.

The data is being sold for BTC 02.000 (1209.38 US Dollar). The total number of accounts offered for sale are 68,679,804 which includes emails and encrypted passwords. There are 36,814,524 passwords that are encrypted with Secure Hash Algorithm 1 (SHA-1), 36,814,524 passwords are Brute force salt while 31,865,280 are encrypted with Blowfish encryption algorithm.

Remember, Blowfish is vulnerable to birthday attack, brute force salt is a random string added to a hash function to increase the security of decryption trys.

Must Read: Dropbox users hit with ‘urgent, highly confidential’ docs download phishing scam

68-million-dropbox-data-goes-dark-web

HackRead got in touch with the vendor who also shared 1000 Dropbox users’ data as a sample that shows email accounts from several email domains linked with the accounts and almost every user are also using the same email for their Facebook accounts.

68-million-dropbox-data-goes-dark-web-sale-2

We also contacted data breach notification company Hacked-DB and asked if these password hashes are easily crackable and according to them,

“It depends on the actual password complexity. SHA1 can be decrypted by using offline or online tools such as HashKiller.”

This is not the first time when such a massive amount of data went up for sale days after it was leaked. In fact, 2016 has been a bad year for tech and social media giants.

Must Read: Chinese Group ‘Admin338’ Use DropBox To Deliver Their Payload

[fullsquaread][/fullsquaread]

Earlier this year, hackers stole and sold 427 Million MySpace passwords on the same dark web marketplace; in May 2016, 117 million LinkedIn and 33 million Twitter login credentials and were listed on a dark web marketplace for sale.

Bad times for Dropbox just when they thought the nightmare was over… but it ain’t over till it’s over.

  • Tags
  • Dark Net
  • dark web
  • Data
  • Dropbox
  • hacking
  • internet
  • LEAKS
  • Privacy
  • security
Facebook Twitter LinkedIn Pinterest
Previous article OurMine Hacks Variety Website; Sends Fake Emails to Readers
Next article Hacked BitcoinTalk.org Forum Database Goes for Sale on Dark Web
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Warning as hackers breach MFA to target cloud services

Warning as hackers breach MFA to target cloud services

Google reveals high-profile attack targeting Android, Windows users

Google reveals high-profile attack targeting Android, Windows users

Owner forgets password to digital wallet with $240m of Bitcoin inside

Owner forgets password to digital wallet with $240m of Bitcoin inside

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
UK Police mistakenly deleted 150,000 arrest records in software glitch
Technology News

UK Police mistakenly deleted 150,000 arrest records in software glitch

2258
Facebook sues developer of data scraping extensions for Chrome
Cyber Crime

Facebook sues developer of data scraping extensions for Chrome

3277
Warning as hackers breach MFA to target cloud services
Cyber Attacks

Warning as hackers breach MFA to target cloud services

5108

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us