Weeks after few Indian companies experiencing data breaches, fake news about the CoWIN portal being hacked is circulating among the citizens.
This comes after few threat intelligence services sharing a dark web post – regarding an unknown marketplace selling the COVID-19 vaccination database of India.
The seller claims the database has sensitive data of about 150 million Indians, leaking their Name, Mobile Number, Aadhaar ID, GPS (PinPoint) Location, State, etc. It was offered for $800 but soon turned out to be fake.
Luring Buyers Without Samples!
Remembering an old saying, the offer is too good to be true. Soon after the images of that post being shared on Twitter, many started following the thread and some asked the URL for accessing it.
[ALERT] Dark Leak Market on the DarkWeb has posted a post selling information of 150 Million COVID19 Vaccinated People of India. pic.twitter.com/32Chmcao9W
— DarkTracer : DarkWeb Criminal Intelligence (@darktracer_int) June 10, 2021
While I have managed to get the URL to the site selling it – DARK LEAK MARKET, it failed to load. The exact reason for this is unknown, and I ignored it since many unpopular dark websites often have weak hosting causing frequent downtime.
But, it soon turned to be fake due to various reasons. Finally, I found a mediator pushing potential buyers towards the deal, and a conversation with him provided me a dark web link – redirecting to the payment page of the database.
[Alert] #CowinPortal Not Hacked!! Some Fake #DarkwebLeakMarket are claiming to sell data of 150 Million COVID19 Vaccinated People of India. It's completely fake. It's a Bitcoin Scam. Don't Trust. Check Screenshots. They are listing fake leaks. #Infosec @journoprasoon @ETtech pic.twitter.com/c39IGDT4dz
— Rajshekhar Rajaharia (@rajaharia) June 10, 2021
And when asked for samples, he declined to provide them and eventually ignored them. Soon after this, Rajshekhar Rajaharia, a security researcher, posted, saying the marketplace is fake and meant for scamming people.
As the site’s URL is often being charged, it’s likely true, and they’re asking for payment even for the samples. However, as it’s unlikely that any seller would charge potential buyers for samples, this manipulative deal can safely be ignored.