Last year, Ticketmaster was the victim of a cyberattack. Cybercriminals stole the data of 500 million customers, as well as nearly 40,000 event tickets. The personal information quickly found its way onto black markets, including BreachForums, a criminal forum that has since shut down. ShinyHunters, a gang specializing in data theft, was behind the extortion operation.
Shortly after the data leak, it emerged that the hack of the platform, which specializes in selling tickets for shows and sporting events, was a direct result of a leak at Snowflake. The cloud storage company was hit by a major attack. Using compromised credentials, hackers broke into the accounts of a plethora of Snowflake customers. The breach resulted in the theft of data from over 150 companies.
Gang Resells Data Stolen Last Year
A year after the incident, data stolen from Ticketmaster has resurfaced on the dark web. On its website, Arkana Security, a gang specializing in ransomware extortion, has put up for sale a repository of data relating to the platform's customers. The group has posted screenshots showing some of the data in their possession.
At first, everything suggested that Ticketmaster had been the target of a new cyberattack. The hackers readily implied that a new breach had been orchestrated by them.
Experts at Bleeping Computer quickly found several clues that the data obtained by Arkana Security was the same as that compromised in May 2024. Among the documents shared by the hackers on the dark web, one bore a caption mentioning RapeFlake, a tool designed to detect vulnerabilities and extract information from databases hosted by Snowflake. It is therefore clear that the gang is only recycling data that has already circulated widely on black markets.
As always, cybercriminals are looking to make money by any means. It is unknown whether Arkana Security purchased the data from ShinyHunters, the group responsible for the theft, or whether the two gangs are collaborating. In any case, the ad has been removed from the Arkana Security website...
Source: Bleeping Computer
0 Comments