JMH3143· Microsoft MVP, Microsoft Support Visiting Expert,
Discussion Starter · #1 ·
https://nakedsecurity.sophos.com/20...dating-website-accounts-for-sale-on-dark-web/How much do you think your identity is worth?
What about your deepest, darkest secrets – like your sexual fantasies, or your desire to cheat on your spouse?
You might even be willing to pay a hefty ransom to protect your secrets from being exposed, but it turns out your sexual proclivities aren’t worth very much to a cybercriminal – a paltry eight thousandths of a cent, in fact.
That’s apparently the going rate on dark web cybercrime forums for account credentials stolen from adult dating and pornographic websites.
Last week a hacker on the dark web forum known as The Real Deal was offering a trove of 3.8 million email address and hashed password combinations stolen from the porn website Naughty America, for just 0.7048 bitcoins, or about $300.
Naughty America hasn’t said whether the dark web data batch is legitimate, but Forbes.com writer Thomas Fox-Brewster, who first reported the alleged breach, said he obtained a small number of account details and reached a handful of users who confirmed they had accounts on Naughty America websites.
As Forbes reported, the low price tag for the Naughty America data was probably due to the fact that the account passwords were protected with bcrypt, a strong cryptographic algorithm used for storing passwords so they’re time-consuming to crack, even if a crook steals the database and can attack it off-line.