Thursday, July 18, 2024
EHA

35 Million U.S Voter Records Selling in Popular Dark web Hacking Forum from $150 USD to $12,500 USD

Researchers uncovered a database contains almost 35 Million U.S Voter Records that selling in the popular hacking forum at a various price from $150 USD to $12,500 USD depends on the buyer’s requirement.

The database is very large and it contains very valuable personally identifiable information, voting history and the price includes for each and every states.

There is 19, U.S states database are posted for sale in the underground hacking forum that includes 23 million records for just three of the 19 states and rest of the state’s records having different numbers.

Researchers said, “To our knowledge,  this represents the first reference on the criminal underground of actors selling or distributing lists of 2018 voter registration data, including US voters’ personally identifiable information and voting history”.

In this case, sellers indicate that they receive weekly updates of voter registration data across the states and they receive information via contacts within the state governments.

Its seems threat actors legitimately obtain the database from the state government and using it for malicious purpose in a hacking forum.

Sales Advertisement in Hacking Forum

An Advertisement that posted in the popular English-language speaking hacking forum on October 5, 2018, shows that the following 19 states affected citizens records.

  • Georgia
  • Idaho
  • Iowa
  • Kansas
  • Kentucky
  • Louisiana
  • Minnesota
  • Mississippi
  • Montana
  • New Mexico
  • Oregon
  • South Carolina
  • South Dakota
  • Tennessee
  • Texas
  • Utah
  • West Virginia
  • Wisconsin
  • Wyoming

The price of the U.S Voter Records fixed based on a number of voter records per database listing and/or, to a lesser degree of confidence and the price range fixed from $150 USD to $12,500 USD depending on the state.

Texas($1300), Wisconsin($12,500) and Louisiana($5000) state record only covered 23 million records and the rest of the record belongs to remaining states.

Threat actor also organized a crowdfunding campaign to purchase each U.S Voter Records registration database where he mentioned that the all earlier purchased users will be having Kansas voter database for free.

According to Anomali Labs , A second crowdfunding project, voted by forum members to select the next state, is close to 20.7% of its funding goal. Oregon currently leads the voting for the second state to be published.

“This type of information can facilitate criminal actions such as identity fraud or allow for false submissions of changes online to voter registrations, making some legitimate voters ineligible to cast ballotsIn a voter identity theft scenario, fraudsters can cause disruptions to the electoral process through physical address changes, deletion of voter registrations, or requests for absentee ballots on behalf of the legitimate voter”.Anomali Labs said.

Also Read:

Thousands of US Voters Personal Data Leaked Online Again

California Voter Database Leaked – 19 Million Voters Records Under Risk

Hackers Stole More than 19 Million Records of California State Voter Database

198 Million American Voters Personal Records Leaked In Public- Biggest Voters Data Leak Ever

Website

Latest articles

Octo Tempest Know for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which...

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and...

macOS Users Beware Of Weaponized Meeting App From North Korean Hackers

Meeting apps are often targeted and turned into weapons by hackers as they are...

Hackers Exploiting Legitimate RMM Tools With BugSleep Malware

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has...

Cybercriminals Exploit Attack on Donald Trump for Crypto Scams

Researchers at Bitdefender Labs remain ever-vigilant, informing users about the latest scams and internet...

New TE.0 HTTP Request Smuggling Flaw Impacts Google Cloud Websites

HTTP Request Smuggling is a flaw in web security that is derived from variations...

Volcano Demon Group Attacking Organizations With LukaLocker Ransomware

The Volcano Demon group has been discovered spreading a new ransomware called LukaLocker, which...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles