Symantec cybersecurity experts: The malware deployment is preceded by reconnaissance with the AdFind tool. The victims are large organizations.
ZDNet: More than 23,000 hacked databases are available on forums and Telegram channels. The collection (estimated at around 50GB and 13 billion user records) originated from Cit0Day.in.
More than 23,000 hacked databases have been made available for download on several hacking forums and Telegram channels, ZDNet cybersecurity experts report. It could be the biggest leak of its kind. The collection (estimated at around 50GB and 13 billion user records) appears to have originated from Cit0Day.in, a service advertised on hacking and cybercrime forums that operated by collecting hacked databases and then providing access to other hackers for a daily or monthly fee. The website went down on September 14, when the main domain sported an FBI and DOJ seizure notice, but it suddenly reappeared.
The cybersecurity experts: Since October, data has been shared in private and via Telegram and Discord channels. Furthermore, a third of the Cit0day database was shared online again on an even more popular hacker forum.
Furthermore, the entire Cit0Day.in collection of hacked databases was provided as a free download on a well-known forum for Russian-speaking hackers. In total, 23,618 hacked databases were provided for download via the MEGA file-hosting portal. The link was live for only a few hours before being taken down following an abuse report. According to the cybersecurity experts, since October the data has been shared in private and via Telegram and Discord channels operated by known underground data brokers. A third of the Cit0day database also made a comeback on Sunday, when it was shared online again, this time on an even more popular hacker forum.