Noam Rotem and Ran Locar with their research team found a database leak in YouHodler. YouHodler, A Crypto lending site offered an easy way for its users to apply for crypto-loans or turn their crypto-holdings into fiat currencies.
The breach has that more than 86 million records, including full customer names, email addresses, addresses, phone numbers, birthdays, credit card numbers, CVV numbers, complete bank details, and crypto wallet addresses in some cases, reads VPNMentor report.
YouHodler is considered to be one of the first Financial-Tech systems for customers to immediately transform their cryptographic assets to conventional currencies by using their crypto-holdings as collateral, users may also issue crypto-currency loans.
They transacted more than ten million dollars for 3500 clients, according to the YouHodler blog. The User Base of YouHodler covers over 35 nations worldwide like the United States, Canada, the United Kingdom, France and Russia are among the impacted nations.
Data included in the breach includes Full names, email addresses, Addresses, Phone numbers, Passport or ID numbers, Birthdays.
Passwords hashed with SHA-256, Credit card numbers, CVV numbers, Bank details, Crypto wallet addresses leaked due to this database breach are considered as the most valuable information.
It seems that YouHodler has stored users CVV numbers tagged them as “identity” without encrypting them. Initially, the research team was not able to get users complete card information however they got user’s BIN and last four digits of their cards. It was a small step to find the rest of the card data from the first example.
In this section, researchers found complete card number saved in plain text and its expiry date, but without a CVV number. The first example shows that researchers found all the data necessary to control the card in full, including CVV numbers.
Although the name of the cardholder is not included in any of these logs, several additional records have saved names and credit card numbers together.
An impersonator would have full ownership of a user’s credit card with full, unsecured credit card numbers, CVV digits, expiration dates, and cardholder names. This information could be used by impersonators for fraudulent activities can be used for the authentication process of user’s other accounts.
It could have severe implications for the type of information leaked from the YouHodler database. Any credit card information system that stores credit card data should take several safety measures. If YouHodler just saved the BIN and the last four digits of credit card number this would not have as much effect.
Logs found with information about user’s full name and address and with their bank details such as account number, SWIFT code, and the bank’s address as well.
It is ever dangerous to have the full address of a user, however when it’s linked to financial information the threat increases. This does not mean that users whose addresses were not disclosed are safe from theft.
A connection between a user’s wallet and their email address makes it simple to perform targeted phishing attempts for those with malicious intent.
This kind of breach also facilitates the tracking of customers using their crypto-holdings for illegal activity. Many conceal in attempt to undertake offenses behind the crypto’s anonymity and the dark web.
In addition to the direct theft and threats posed by the leak, stealing a user identity is a simple task thanks to the amount of the information contained in the database. The leaked data are capable of answering many identity verification questions.
Since a passport or ID number is also present, official documents can also be created and can be used for forgery and fraudulent activities.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.
Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a disguised…
Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack…
The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms in…
A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto…
Threat Analysts have reported alarming findings about the "Araneida Scanner," a malicious tool allegedly based…
A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves…