Sat. Jun 6th, 2020

Hackers are selling millions of Chinese banks user data on the dark web

2 min read

A few days ago, when security practitioners conducted daily inspections on the dark web and black market, they discovered that hackers were selling millions of user data of some well-known Chinese commercial banks.

Banks involved include well-known institutions such as Bank of Shanghai, the Industrial Bank, Shanghai Pudong Development Bank, China Merchants Bank, and Ping An Insurance.

The data sold by the hackers include a variety of data such as the customer’s name, ID number, mobile phone number, landline, detailed address, postal code, position, and industry.

Judging from the posts posted by the hackers, both Chinese and English are used by the hackers, but the Chinese part is slightly lame, so the Chinese may not be the hacker’s native language.

Judging from some samples and prices released by hackers, the credibility of these data is not high. After all, the price of so much information is very low.

ICS Attack Framework “TRITON”

According to screenshots released on the dark web, there are 803,155 pieces of customer information related to Bank of Shanghai, and each piece of data contains various detailed information of users.

There are 100,000 data related to Shanghai Pudong Development Bank. The data includes customer name, gender, mobile phone number, ID card number, and contact address.

There are 63,000 data related to China Merchants Bank Shanghai Branch. The data includes name, customer type, ID number, address postal code and contact phone number.

There are 900,000 data related to the Agricultural Bank of China, and the sale price of these data by hackers is the US $3,999.

There are 460,000 data related to the Industrial Bank of China, of which the Industrial Bank mainly provides credit card data, including the name of the customer and the information provided when applying.

In addition, the data seems to sort out the information of 200,000 business representatives separately after preliminary classification. Such data does not include the ID number but only includes information related to the business.

Although the sample data provided by the hackers look very detailed and involves a variety of user information, the overall credibility of these data is still relatively low.

The reason for the judgment is that the amount of data is very large but the price is ridiculously low. At the same time, information such as corporate representatives does not contain sensitive data and may be information obtained from public sources.

In terms of price, 900,000 pieces of data are only sold for $3,999. If such a large amount of data is real data, the actual selling price may be more than eight or nine times higher.

Judging from the above information, the credibility of these databases is relatively low. It may be that the leaked information collected by hackers from other sources is then collated together.

Via: caixinglobal