The popular data breach notification service Have I Been Pwned has added over 441,000 email IDs from the RedLine dump, letting users check whether they have been compromised.

RedLine is an information-stealing malware that collects sensitive data from users’ browsers. Last week, a server belonging to RedLine and containing over 6 million records was exposed. After verification, over 441K unique email IDs surfaced from it, and these have now been added to Have I Been Pwned.

Over 441,000 Unique Records

A couple of years ago, researchers detailed a new information-stealing malware called RedLine. This malware is distributed through various means like phishing emails, crack sites, and YouTube scams, and is capable of stealing browser cookies, credentials, credit cards, and autofill data.

Further, it can even steal the victims’ cryptocurrency wallets and credentials stored in VPN clients and FTP clients. Aside from stealing data, RedLine can also act as a backdoor and inject additional software or execute commands of the hacker’s choosing.

All the stolen data is grouped into “logs” and exported to a remote server, from which the hacker can collect it later. Last week, a security researcher named Bob Diachenko discovered an exposed server belonging to RedLine that held over 6 million records!

“Redline Stealer malware logs with more than 6M records were exposed online, publicly (now taken down). Internationally sourced data, exfiltrated in Sept and Aug 2021. RS is the key source of identity data sold on online criminal forums since its initial release in early 2020.”
— Bob Diachenko (@MayhemDayOne) December 25, 2021