A database containing hundreds of millions of detailed records on U.S. voters and consumers is being offered for sale on several dark forums, a new report said.
The sellers, which include a number of different hackers, claim that they have personally identifiable information (PII) from 186 million records, Trustwave's SpiderLabs said in a blog post. The cyber crew reportedly has in its hands data on U.S. voters that includes names, addresses, age, gender and political affiliation. One third of the records were said to include stolen phone numbers. Based on Bitcoin transaction data Trustwave compiled, the cyber gangsters have pocketed at least $100 million from database sales since May, 2020.
Hackers use voter and consumer information to launch election disinformation campaigns via social media along with social engineering schemes such as email phishing, and text and phone scams. The online thread about the U.S. voter database has been recently deleted from the forum, prompting Trustwave’s researchers to speculate that the site administrator may have been feeling the heat from law enforcement agencies. Trustwave researchers subsequently located the seller who claimed the database was still for sale.
“Cybercriminals have figured out ways to monetize the upcoming elections using information from data leaks and publicly available sources and are actively shopping them for profit,” wrote Ziv Mador, SpiderLabs’ security research vice president. The security researcher was not able to pin down a price for the U.S. voter database.
Some of the crooks’ haul has also come from databases with PII on people in Canada, Ireland, South Africa, the U.K. and other countries, Trustwave said.
A portion of the massive trove of records is generated from publicly available government resources. Other details were “likely obtained from various data leaks,” the Chicago, Illinois-based security specialist said. The hackers have apparently made it no secret to potential buyers that the information they’re peddling can be gathered from other sources.
On a dark forum called raidforums that Trustwave has tracked for about a month, GreenMoon2019 appear to be the main actor selling databases housing U.S. voters' information. The English speaking hacker reportedly maintains and sells other large databases. Databases sold on raidforums typically bring the sellers a few hundred dollars payable in Bitcoin, Trustwave said.
