Crypto Loans Platform YouHodler Exposes Unencrypted Customer data that Includes Credit cards and Bank Details

Noam Rotem and Ran Locar with their research team found a database leak in YouHodler. YouHodler, A Crypto lending site offered an easy way for its users to apply for crypto-loans or turn their crypto-holdings into fiat currencies.

The breach has that more than 86 million records, including full customer names, email addresses, addresses, phone numbers, birthdays, credit card numbers, CVV numbers, complete bank details, and crypto wallet addresses in some cases, reads VPNMentor report.

YouHodler is considered to be one of the first Financial-Tech systems for customers to immediately transform their cryptographic assets to conventional currencies by using their crypto-holdings as collateral, users may also issue crypto-currency loans.

They transacted more than ten million dollars for 3500 clients, according to the YouHodler blog. The User Base of YouHodler covers over 35 nations worldwide like the United States, Canada, the United Kingdom, France and Russia are among the impacted nations.

Exposed Financial and Personal Data – YouHodler

Data included in the breach includes Full names, email addresses, Addresses, Phone numbers, Passport or ID numbers, Birthdays.

Passwords hashed with SHA-256, Credit card numbers, CVV numbers, Bank details, Crypto wallet addresses leaked due to this database breach are considered as the most valuable information.

It seems that YouHodler has stored users CVV numbers tagged them as “identity” without encrypting them. Initially, the research team was not able to get users complete card information however they got user’s BIN and last four digits of their cards. It was a small step to find the rest of the card data from the first example.

In this section, researchers found complete card number saved in plain text and its expiry date, but without a CVV number. The first example shows that researchers found all the data necessary to control the card in full, including CVV numbers.

Although the name of the cardholder is not included in any of these logs, several additional records have saved names and credit card numbers together.

An impersonator would have full ownership of a user’s credit card with full, unsecured credit card numbers, CVV digits, expiration dates, and cardholder names. This information could be used by impersonators for fraudulent activities can be used for the authentication process of user’s other accounts.

It could have severe implications for the type of information leaked from the YouHodler database. Any credit card information system that stores credit card data should take several safety measures. If YouHodler just saved the BIN and the last four digits of credit card number this would not have as much effect.

Logs found with information about user’s full name and address and with their bank details such as account number, SWIFT code, and the bank’s address as well.

It is ever dangerous to have the full address of a user, however when it’s linked to financial information the threat increases. This does not mean that users whose addresses were not disclosed are safe from theft.

A connection between a user’s wallet and their email address makes it simple to perform targeted phishing attempts for those with malicious intent.

This kind of breach also facilitates the tracking of customers using their crypto-holdings for illegal activity. Many conceal in attempt to undertake offenses behind the crypto’s anonymity and the dark web.

In addition to the direct theft and threats posed by the leak, stealing a user identity is a simple task thanks to the amount of the information contained in the database. The leaked data are capable of answering many identity verification questions.

Since a passport or ID number is also present, official documents can also be created and can be used for forgery and fraudulent activities.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Lumma Stealer Attacking Users To Steal Login Credentials From Browsers

Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a disguised…

1 day ago

New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers

Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack…

1 day ago

NjRat 2.3D Pro Edition Shared on GitHub: A Growing Cybersecurity Concern

The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms in…

1 day ago

Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks

A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto…

1 day ago

Araneida Scanner – Hackers Using Cracked Version Of Acunetix Vulnerability Scanner

Threat Analysts have reported alarming findings about the "Araneida Scanner," a malicious tool allegedly based…

2 days ago

A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems

A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves…

2 days ago