14 DAY TRIAL // The hacker known as C0mrade has published the login credentials, comprising email addresses and passwords, of over 84,000 users. He claims that the data was obtained by launching a man-in-the-middle attack against vulnerable software utilized by telecommunications networks from Mexico and Spain.
“America’s establishment is based on lies and country-rulers who set precedents that don’t uphold the constitution, observe the laws or the welfare of the United States of America. I’m not an abomination of Obama’s nation. Do you need a translation? The world is our little playground,” the hacker wrote.
“[Expletive] regulations. How did Saddam Hussein get access to Chemical Weapons? You guessed it right folks, we sold him that [expletive]. We’re an army of both men and women and coherently, we’re hell-razors of the 21st Century. What you think we hack for, to push an [expletive] RAV4?”
The statement posted by the hacker doesn’t provide many explanations regarding how he obtained all those credential sets or what the names of the victim companies are.
“I had access to a Mexico and Spain Telecommunication Network. I have access to telephone lines, intercoms, and I have the ability to flag user accounts and even create falsified accounts that I could potentially use as a decoy,” he explained.
After analyzing the leaked data, we’ve determined that many of the Hotmail, Yahoo, AOL and Gmail addresses don’t show up elsewhere on the Internet, which means that the information isn’t taken from older data leaks, as we’ve seen on numerous occasions in the past weeks.
Furthermore, all the passwords are in clear text and they appear to be associated with the email accounts that show up in the dump.
Also, the usernames seem to legitimately belong to Spanish-speaking users.
It’s uncertain if the hacker has published all the data he stole, but we have been able to count just over 84,000 usernames and passwords, not 110,000 as he claimed.
We have attempted to contact the hacker to find out which are the affected companies. We’re also interested in learning why a “white hat” would leak all those clear text passwords.
Update. The hacker told Softpedia that a couple of the affected companies are Mexicomo and MercuryInternet. We've attempted to contacted the firms, but so far none of them has responded to our inquiry.
Regarding his reasons for leaking the large quantity of sensitive data the hacker said:
It's not a matter of sides anymore. They're not paying attention at all. I'm trying to reconcile and help out but I'm not being heard. Now they'll hear me, you know? That's the whole point of it.