"Doxbin Leak Includes Criminals' Data, Could Boost Hacking"

According to security experts, threat actors using the data-sharing website, Doxbin, have had highly sensitive information leaked online. Doxbin is often used by hackers to dump their victims' Personally Identifiable Information (PII). According to the threat intelligence firm, Cyble, and independent researcher and threat hunter, Troy Hunt, the leaked data includes PII belonging to an undisclosed number of Doxbin users, including hackers and their victims. This data contains plaintext passwords, multi-factor authentication codes, stealer logs, and chat history. On January 8, Hunt revealed that Doxbin had 380,000 email addresses across user accounts and doxes shared online. Cyble estimates that over 700,00 email addresses were leaked, based on a recent count. A report released by Cyble also reveals that the leaked information includes the identities of the threat actors' family members, IP addresses, and geolocation. Cyble says the doxed information contains work-related information that could be used to perform phishing attacks. The firm warns of an increase in identity theft and other malicious activities because of the Doxbin leak. Based on discussions on the dark web observed by Cyble, the leaked doxed information can augment or verify law enforcement agencies' investigative work. Dhanalakshmi PK, senior director of malware and intelligence research at Cyble, says that the leaked information could be aliases used by threat actors, and therefore, may not be real. However, she adds that it could help authorities verify information about the threat actors. This article continues to discuss the source and potential impact of the Doxbin leak. 

BankInfoSecurity reports "Doxbin Leak Includes Criminals' Data, Could Boost Hacking"