Thursday, July 25, 2024

Crypto Loans Platform YouHodler Exposes Unencrypted Customer Data That Includes Credit Cards and Bank Details

Noam Rotem and Ran Locar, with their research team, found a database leak at YouHodler. YouHodler, a crypto lending site, offers its users an easy way to apply for crypto loans or turn their crypto holdings into fiat currencies.

The breach exposed more than 86 million records, including full customer names, email addresses, addresses, phone numbers, birthdays, credit card numbers, CVV numbers, complete bank details, and, in some cases, crypto wallet addresses, according to the VPNMentor report.

YouHodler is considered to be one of the first financial-technology platforms that lets customers immediately convert their crypto assets to conventional currencies by using their crypto holdings as collateral. Users may also issue cryptocurrency loans.

According to the YouHodler blog, the platform has transacted more than ten million dollars for 3500 clients. YouHodler's user base covers over 35 nations worldwide; the United States, Canada, the United Kingdom, France and Russia are among the impacted nations.

Exposed Financial and Personal Data – YouHodler

Data exposed in the breach includes full names, email addresses, addresses, phone numbers, passport or ID numbers, and birthdays.

Passwords hashed with SHA-256, credit card numbers, CVV numbers, bank details, and crypto wallet addresses were also leaked in this database breach, and these are considered the most valuable information.

It seems that YouHodler stored users' CVV numbers, tagged as “identity”, without encrypting them. Initially, the research team was not able to get users' complete card information; however, they did get the BIN and last four digits of users' cards. It was a small step to find the rest of the card data from the first example.

In this section, researchers found the complete card number saved in plain text along with its expiry date, but without a CVV number. The first example shows that researchers found all the data necessary to control the card in full, including CVV numbers.

Although the name of the cardholder is not included in any of these logs, several additional records have saved names and credit card numbers together.

With full, unsecured credit card numbers, CVV digits, expiration dates, and cardholder names, an impersonator would have full ownership of a user’s credit card. Impersonators could use this information for fraudulent activities, and it could also be used in the authentication process for the user’s other accounts.

The type of information leaked from the YouHodler database could have severe implications. Any system that stores credit card data should take several safety measures. If YouHodler had saved just the BIN and the last four digits of each credit card number, the leak would not have had as much effect.
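As an added example (not code from YouHodler or the researchers), the sketch below shows one way to scrub card data before a record is written to a log or database: the security code is dropped entirely and any Luhn-valid card number is truncated to the BIN and last four digits, as the paragraph above describes. The field names, the sample records, and the assumption that card numbers appear as unbroken digit runs are all constructed for illustration.

```python
import re

# Assumption: card numbers appear in logs as unbroken runs of 13-19 digits.
PAN_RE = re.compile(r"(?<!\d)\d{13,19}(?!\d)")
# Hypothetical field names for the card security code in a JSON-style record.
CVV_RE = re.compile(r'("(?:cvv|cvc|cvv2|security_code)"\s*:\s*)"?\d{3,4}"?', re.I)

# Constructed sample records (the PAN is a well-known test number, not real data).
SAMPLE = [
    '{"tag": "identity", "card": "4111111111111111", "exp": "07/25", "cvv": "123"}',
    '{"tag": "payment", "order_id": "1234567890123456", "amount": "250.00"}',
]


def luhn_ok(digits: str) -> bool:
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(match: re.Match) -> str:
    """Keep BIN (first six) and last four; mask the digits in between."""
    digits = match.group(0)
    if not luhn_ok(digits):
        return digits       # long number that is not a card (e.g. an order id)
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def scrub(line: str) -> str:
    """Drop the security code entirely, then truncate any card number."""
    line = CVV_RE.sub(r'\1"[REMOVED]"', line)
    return PAN_RE.sub(mask_pan, line)


def scrub_all(lines):
    return [scrub(line) for line in lines]


if __name__ == "__main__":
    for out in scrub_all(SAMPLE):
        print(out)
```

The Luhn check keeps the scrubber from mangling other long identifiers, which is why the order id in the second sample record passes through unchanged.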

Logs were also found containing users' full names and addresses together with their bank details, such as account number, SWIFT code, and the bank’s address.

It is always dangerous to expose the full address of a user, but when it’s linked to financial information the threat increases. This does not mean that users whose addresses were not disclosed are safe from theft.

A connection between a user’s wallet and their email address makes it simple to perform targeted phishing attempts for those with malicious intent.

This kind of breach also facilitates the tracking of customers using their crypto-holdings for illegal activity. Many attempt to conceal offenses behind the anonymity of crypto and the dark web.

In addition to the direct theft and threats posed by the leak, stealing a user's identity is a simple task thanks to the amount of information contained in the database. The leaked data are capable of answering many identity verification questions.

Since a passport or ID number is also present, official documents can also be created and can be used for forgery and fraudulent activities.
