During a routine Dark web monitoring, the Research team at Cyble found multiple posts where threat actors are offering for sale alleged data leaks related to Chinese citizens. Data might have been stolen from multiple popular Chinese services, including Gongan County, Weibo, and QQ.
Gong’an County is a county in southern Hubei province, People’s Republic of China, bordering Hunan to the south. It is under the administration of Jingzhou City. A threat actor is offering sample data of alleged 999 household registrations of Chinese citizens from Gong’an county as a proof of the hack. Data belonging 7.3 million Chinese citizens are available for sale, the records include Id, Sex, Name, Birth, Mobile, Address, and Code number.
Experts also noticed the sale of data related to users of the Weibo platform.
“The threat actor was selling 41.8 million records on a Russian-speaking cybercrime forum.” reads the post published by Cyble.
“During the analysis of the sample data, it was noticed that the weibo_id and respective mobile number were listed in an excel sheet. The threat actor is selling details of 41.8 Million chinese users on the darkweb.”
Cyble researchers also discovered a threat actor offering records belonging to users of the popular Tencent-owned QQ instant messaging software service and web portal. The threat actor is selling details of 192 Million Chinese users on the darkweb.
The analysis of the sample data revealed the presence of the qq number and respective mobile number in an excel sheet.
The overall availability of records related to Chinese citizens is over 200 million.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, China)