Bro, I've got people messaging me saying they're worried they're in the Discord leaks and if their photo and/or drivers license is leaked they're going to kill themselves because it'll out them for being gay, or it'll potentially expose them to stalkers again
Wtf
Wtf
π€£102π’41π±10β€5π―3π2π2π2π1π€1
This Discord Zendesk compromise has gotten more silly.
Previously, the Threat Actors responsible for the Discord Zendesk compromise claimed they had gotten access by compromising a BPO (Business Process Outsource) employee.
They were not lying.
It turns out that in August the Threat Actors who compromised Discord began sending emails to Discord outsourced employees offering them money in exchange for access to Discords internals.
The people they emailed was a very small team located in Southeast Asia. This particular office only has a handful of employees assigned to working Discord helpdesk (including age verification). This team is assigned to primarily handle back log work. This team had a great deal of access and were believed to be "trusted".
One of the emails this small team received offered $500 compensation to prove they're a Discord BPO employee. They offered an additional "several thousand dollar" lump sum payment in exchange for giving them access.
The Discord BPO employees were told to ignore the emails. Unfortunately, it appears one of these BPO employees did not ignore the emails and accepted the bribe.
$500 in this Southeastern Asian country is an astronomical amount of money. The "several thousand dollar" lump sum payment would be enough for this person to live comfortably for several years in their country.
Previously, the Threat Actors responsible for the Discord Zendesk compromise claimed they had gotten access by compromising a BPO (Business Process Outsource) employee.
They were not lying.
It turns out that in August the Threat Actors who compromised Discord began sending emails to Discord outsourced employees offering them money in exchange for access to Discords internals.
The people they emailed was a very small team located in Southeast Asia. This particular office only has a handful of employees assigned to working Discord helpdesk (including age verification). This team is assigned to primarily handle back log work. This team had a great deal of access and were believed to be "trusted".
One of the emails this small team received offered $500 compensation to prove they're a Discord BPO employee. They offered an additional "several thousand dollar" lump sum payment in exchange for giving them access.
The Discord BPO employees were told to ignore the emails. Unfortunately, it appears one of these BPO employees did not ignore the emails and accepted the bribe.
$500 in this Southeastern Asian country is an astronomical amount of money. The "several thousand dollar" lump sum payment would be enough for this person to live comfortably for several years in their country.
π₯°66π«‘20β€16π€£5π’4π1π1π€1
BreachedForum-dot-hn, the latest incarnation of Breached, has been seized by the United States Federal Bureau of Investigation.
It wasn't even alive for a month. God damn. FBI moving fast
It wasn't even alive for a month. God damn. FBI moving fast
π₯46π€£31π’12π2β€1π₯°1
vx-underground
This Discord Zendesk compromise has gotten more silly. Previously, the Threat Actors responsible for the Discord Zendesk compromise claimed they had gotten access by compromising a BPO (Business Process Outsource) employee. They were not lying. It turnsβ¦
It should be noted this is not the first time Insider Threats have damaged a company. Most notably, Coinbase had a problem with a BPO accepting bribes to get access to Coinbase internals.
Likewise, ransomware groups have historically looked for Insider Threats to get access
Likewise, ransomware groups have historically looked for Insider Threats to get access
π₯°31π10β€2π1
Chat, it's been another wonderful week of internet schizophrenia.
Will the Discord Zendesk nerds drop more data and cause more drama? What will happen to the BreachForum domain now that it's been seized? Will a new one appear? What the fuck happened to that RedHat data? How did the FBI seizure Breached so fast? Who is doing these massive DDoS attacks? How did the NCA UK arrest the pre school ransomware Threat Actors so fast? I had 12 tacos covered in hot sauce and my tummy hurts. Will I ever learn?
Find out next time on Dragon Ball Z
Will the Discord Zendesk nerds drop more data and cause more drama? What will happen to the BreachForum domain now that it's been seized? Will a new one appear? What the fuck happened to that RedHat data? How did the FBI seizure Breached so fast? Who is doing these massive DDoS attacks? How did the NCA UK arrest the pre school ransomware Threat Actors so fast? I had 12 tacos covered in hot sauce and my tummy hurts. Will I ever learn?
Find out next time on Dragon Ball Z
π₯78β€βπ₯5π5π€£2β€1π’1
vx-underground
Chat, it's been another wonderful week of internet schizophrenia. Will the Discord Zendesk nerds drop more data and cause more drama? What will happen to the BreachForum domain now that it's been seized? Will a new one appear? What the fuck happened to thatβ¦
I just learned it's Thursday, not Friday
β€45π€£31π’16π«‘9π€―5
Shuffle, the cryptocurrency based online casino, announced a security breach as a result of a 3rd party being compromised.
The 3rd party which was compromised is Fast Track. Fast Track is a CRM (Customer Relation Software) for managing things such as customer support tickets.
Shuffle has stated the 3rd party compromise has resulted in the exfiltration of the following data:
- Email
- Name (Full name not specified)
- Addresses (Unspecified in crypto address or physical)
- Transactions (Unspecified historical or specific)
- Bet data
This is eerily similar to the recent Discord Zendesk 3rd party compromise.
The 3rd party which was compromised is Fast Track. Fast Track is a CRM (Customer Relation Software) for managing things such as customer support tickets.
Shuffle has stated the 3rd party compromise has resulted in the exfiltration of the following data:
- Name (Full name not specified)
- Addresses (Unspecified in crypto address or physical)
- Transactions (Unspecified historical or specific)
- Bet data
This is eerily similar to the recent Discord Zendesk 3rd party compromise.
π€£66β€5π₯5π2π’1
vx-underground
Shuffle, the cryptocurrency based online casino, announced a security breach as a result of a 3rd party being compromised. The 3rd party which was compromised is Fast Track. Fast Track is a CRM (Customer Relation Software) for managing things such as customerβ¦
Dawg, if it comes out that this online casino was compromised as a result of an Insider Threat (bribery), I'm going to lose my mind
π₯°52π13β€4π2π€―1π’1
Whoa whoa whoa. Interesting update.
Yesterday Discord silently updated their breach notification press release.
They name dropped the BPO.
Why? π€
https://discord.com/press-releases/update-on-security-incident-involving-third-party-customer-service
Yesterday Discord silently updated their breach notification press release.
They name dropped the BPO.
Why? π€
https://discord.com/press-releases/update-on-security-incident-involving-third-party-customer-service
Discord
Update on a Security Incident Involving Third-Party Customer Service | Discord
At Discord, protecting the privacy and security of our users is a top priority. Thatβs why itβs important to us that weβre transparent with them about events that impact their personal information.
π€28π₯°6π4π«‘2π1
vx-underground
Whoa whoa whoa. Interesting update. Yesterday Discord silently updated their breach notification press release. They name dropped the BPO. Why? π€ https://discord.com/press-releases/update-on-security-incident-involving-third-party-customer-service
Part of me wonders if since I posted the compromise was the result of a BPO they decided to release more details on it.
Or maybe it's completely unrelated and just a coincidence, but it was unveiled at the same time
Probably just a coincidence, but I like to hope
Or maybe it's completely unrelated and just a coincidence, but it was unveiled at the same time
Probably just a coincidence, but I like to hope
π€28π€8π5π1
vx-underground
Part of me wonders if since I posted the compromise was the result of a BPO they decided to release more details on it. Or maybe it's completely unrelated and just a coincidence, but it was unveiled at the same time Probably just a coincidence, but I likeβ¦
"The weird stinky goth cat malware people said it was a BPO, we can say the public knew first. Post it!!!!?"
(Would be hilarious)
(Would be hilarious)
π€£31π8π₯°7π«‘2π1π’1
I get messages around the clock from nerds
I get information on products, breaches, forum drama, Threat Actors, what cybersecurity companies are doing, etc
Sometimes I feel like I've got an international network of spies that feed me intelligence. It's fucking badass
I get information on products, breaches, forum drama, Threat Actors, what cybersecurity companies are doing, etc
Sometimes I feel like I've got an international network of spies that feed me intelligence. It's fucking badass
π121π€£19π«‘10π₯4π₯°3β€1π’1
vx-underground
I get messages around the clock from nerds I get information on products, breaches, forum drama, Threat Actors, what cybersecurity companies are doing, etc Sometimes I feel like I've got an international network of spies that feed me intelligence. It's fuckingβ¦
Unironically, if it's not news or gossip, it's pictures of kitty cats. Basically, I'm living the dream
π₯°70π₯7π’1
SLSH 6.0 part 3 - lapsus$hiny$scatteredwizard
hell naw bih
Bro, c'mon. It's a fucking holiday weekend. Don't be like this. Wait until like, Tuesday or something. C'mon bro. You got all the time in the world to extort people
π€£51β€3π’2
vx-underground
Dawg, Microsoft found a Threat Actor that compromised a company and modified the internal payroll system so when paychecks were scheduled to be deposited it went into THEIR accounts, NOT the employees. That's fucking badass wtf I've never seen that before
I don't endorse crime, and I'm sorry people didn't get paid. But... bro, c'mon. That's fucking sick nasty. I've never seen that before. I'm so impressed.
π₯64π―12π«‘5π2π1
vx-underground
Dawg, Microsoft found a Threat Actor that compromised a company and modified the internal payroll system so when paychecks were scheduled to be deposited it went into THEIR accounts, NOT the employees. That's fucking badass wtf I've never seen that before
YoUvE nEvEr HeaRd oF ThIs?
No, I haven't. I don't know everything. I'm not an omnipotent being. Let me enjoy something I just learned and let me enjoy sharing it with others.
No, I haven't. I don't know everything. I'm not an omnipotent being. Let me enjoy something I just learned and let me enjoy sharing it with others.
π―88π€18β€15π₯5π₯°4π’1
Every second something is pirated
Because of this theft, groups like Metallica, or celebrities like Dwayne "The Rock" Johnson, may be unable to purchase their next series of mansions.
Dwayne "The Rock" Johnson only made $88,000,000 from the film "Red One". How will he survive?
Because of this theft, groups like Metallica, or celebrities like Dwayne "The Rock" Johnson, may be unable to purchase their next series of mansions.
Dwayne "The Rock" Johnson only made $88,000,000 from the film "Red One". How will he survive?
π’90π€£58π€―8π±3β€2π2π―1