Mathway, a popular app for solving math problems, has its data stolen and being sold in hacking forums now. The culprits here are identified to be ShinyHunters, the ones behind Tokopedia, Chatbooks, Zoosk, etc. The database theyโre selling was claimed to be stolen in January, and now selling it for $4,000 worth Bitcoin/Monero in several hacking groups. Mathway said itโs investigating the incident and informing their customers.
Itโs ShinyHunters Again!
ShinyHunters is the hottest cybercriminal group hailing in security space now. Itโs responsible for Tokopedia, and many other breaches like Zoosk, Chatbooks, Mindful, SocialShare, etc. Itโs infamous for selling the stolen data in public groups, thinking it a better way to monetize their activities rather than asking for ransom from victims.
Earlier this month, ShinyHunters have put up over 73 million records for several companies for sale, and researchers estimate it couldโve sold over 200 million stolen records to date.
And the latest victim falling into the hands of this group, is Mathway, a popular platform for assisting users with basic and advanced math problems. Though itโs target customers are mostly children, itโs hailed to be a popular service and standing top in both Playstore and Appstore. ShinyHunters have said that they breached into the Mathwayโs backend network in January this year and dumped the data they needed.
Later now, theyโre selling that stolen data of over 25 million records consisting of usernames and hashed passwords, in public hacking forums. Reports from data brokers telling the database were being sold on Telegram groups too! The hash algorithm used for passwords is still unknown, thus a long way to break them.
But itโs still up for sale for $4,000 in Bitcoin or Monero. Mathway said, it did discover this intrusion and now informing its customers. And as a precaution, all users are advised to change their passwords immediately.
Via: ZDNet