A hacker going by the name TheNeoBoss is actively selling databases containing hundreds of thousands of user credentials from several porn sites belonging to Paper Street Media (PSM) on the Dark Web.
TheNeoBoss said he used an SQL injection to grab the database of TeamSkeet, among other sites, but PSM is denying any breach took place, according to Motherboard.
However, Malwarebytes Senior Security Researcher Jerome Segura was able to check for SCMagazine.com that TheNeoBoss had indeed placed the data for sale on the dark web.
“We had a look and think it may be legitimate,” Segura told SCMagazine.com in an email Monday.
Screenshots show TheNeoBoss has 237,000 users of TeamSkeet along with 50,000 from other PSM entities to sell off with information that includes name, username, password, email address and street address.
A screen shot of TheNeoBoss' post. Courtesy of Malwarebytes. |
On the Dark Web TheNeoBoss wrote a brief intro to what he was offering for sale.
“So recently I managed to breach TeamSkeet.com, the giant USA porn network. By purchasing this database you will basically have free porn accounts for life, or you could sell them separately,” he said.
According to Motherboard, TheNeoBoss said he was taking this action to ‘publicly shame' PSM for its poor security hygiene.
TheNeoBoss is charging 0.962 Bitcoins, or about $400, for the data.
At press time, PSM hadn't responded to SCMagazine.com's request, via social media, for comment.