Friday, January 22, 17:34
Home security 23,600 compromised databases leaked to the internet

23,600 compromised databases leaked to the internet

More than 23.000 compromised databases are located available at hacking forums and Telegram channels, with security experts saying it's probably the biggest leakage in its kind.

violated databases

Databases are said to come from, a private service advertised in hacking forums.

In fact, Cit0day collects compromised databases data and then, gives criminals access to data, such as usernames, emails, addresses, and even passwords access (with daily or monthly charge).

The idea behind this site is not new. Cit0Day looks like older services like LeakedSource and WeLeakInfo, which were abolished in 2018 and 2020, respectively.

Cit0Day started operating in January 2018, when LeakedSource closed, and was heavily advertised in hacking forums.

However, the Cit0day site was shut down a while ago because it is said that FBI and the DOJ issued a decision to seize the main domain.

Immediately, various rumors began to circulate. Some of them reported that the creator of the site, a person known as Xrenovi4, may have been arrested. But all indications are that the FBI removal notice was fake.

She's the executive KELA (Raveed Laeb) told ZDNet that the seizure banner was the same as that of, a platform for hackers, Shopify type. It was essentially a copy and edit to fit the Cit0day site.

The FBI declined to comment.

In addition, no Cit0day-related arrest has ever been announced, which contradicts the way the FBI and DOJ operate. Both services "download" criminally sites, only when they can accuse and arrest their creators.

Violated databases are available for download online

It is not clear whether Xrenovi4 itself leaked the databases or whether data violated by an opposing gang. Anyway, Cit0day's entire collection of compromised databases was found in a well-known Russian-language hacking forum. Any criminal could download the collection for free.

In total, 23.618 compromised databases were provided for download through file-hosting portal MEGA. The link existed for only a few hours.

It is estimated that databases (50 GB in size) contain at least 13 billion user files. This has been confirmed by both users of the forums and the Italian company security D3Lab.

But even though the data was only available for a few hours, a problem arose. From October, Cit0day databases are located on Telegram and Discord channels, operated by well-known underground data brokers.

On Sunday, data was released on another hacking forum, even more popular.

The collection includes both new and old compromised databases

Most of the compromised databases include data from violations which had taken place years before.

In addition, many of them come from small and not so well known sites. However, data from known violations are also included. In most cases, the small ones sites they did not use security measures (not even passwords).

Now, this data is most likely used by criminal groups to carry out spam, credential stuffing and password spraying attacks against users who use the same passwords on different sites and platforms.

Although a lot of data comes from old breaches, it is a big leak that definitely affects many users.

Services like Cit0day bring old violations back to the surface.

The users should be mobilized and control the passwords they use on their websites accounts. Strong and unique passwords should be used and, where possible, apply multi-factor authentication.


Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortress
Pursue Your Dreams & Live!


Windows RDP servers are used to support DDoS

Cybercrime gangs are abusing Windows Remote Desktop Protocol (RDP) systems to reinforce the unwanted ...

SEPA: He refused to pay a ransom and thousands of files were leaked

Thousands of stolen files of the Scottish Environmental Protection Agency (SEPA) have been published by hackers, after the organization refused to pay the ransom ...

Fines at Valve, Capcom and Zenimax for geo-exclusion of games

Following a European Commission investigation, a group of video game publishers was fined € 7,8 million following allegations of geo-exclusion practices. In...

Bitcoin helps the middle class survive the pandemic

Regulators still imply that Bitcoin is just a tool for criminals, but it seems that for the middle class ...

Lightworks 2021.1 for Linux, Mac and Windows has been released

Lightworks Professional Multi-Platform Video Editing Software received the first major update to Lightworks 2021.1 for Windows, Linux and Mac.

Netflix: Watch the 9 best Anime movies of all time

One of the good things about the pandemic was that many people were introduced to the anime world. And the issue with anime is ...

CHwapi: Windows BitLocker "hit" the Belgian hospital!

The CHwapi hospital in Belgium was attacked by a cyber attack on January 17, with hackers claiming to have encrypted 40 servers and 100 ...

CPU / GPU Lotteries: Newegg sells the few on the market

Hardware shortages are not uncommon, but the pandemic has worsened the situation. The whole planet is closed to ...

United Kingdom: Malware infects laptops delivered to students

In the context of e-learning implemented in many countries since the outbreak of the COVID-19 pandemic, governments are distributing the necessary equipment ...

iOS 14.4: Anti-tracking feature released to developers

Apple yesterday released to developers "Release Candidates" for iOS 14.4 and the corresponding iPad. It is probably the last step ...