People who have been using the Internet for quite some time now will recall the name iMesh, a once popular peer-to-peer file sharing platform. Although this platform has been defunct for some time, a hacker managed to obtain a database containing 51 million accounts. Obtaining this information can be done through The Real Deal deep web marketplace, for the price of one Bitcoin.
Also read: Cerber Bitcoin Ransomware Now Includes Malware Factory Automation
Data breaches are becoming a norm rather than the exception these days, and it appears as if the same hackers are responsible for most incidents. Peace, the alleged hacker of LinkedIn, is the person behind this iMesh account breach as well. In total, he managed to obtain 51 million accounts and a lot of sensitive information as well.
iMesh Database For One Bitcoin
Very few iMesh users were aware of how the platform logged their IP addresses and country location every time they connected to the service. Other stolen data includes email addresses, usernames, and passwords. At the time of writing, the company declined to confirm or deny these data breach allegations.
It is rather strange to see this event transpire right now, so close after other significant data breaches. That being said, the platform was losing a lot of popularity ever since it went into the legal side of the spectrum. A lot of people used this tool in the early days of the Internet for piracy purposes, including the distribution of adult material and cracked PC games.
Although iMesh tried to protect its users’ data by applying the MD5 hash function, the salted passwords were rather easy to break. It is not clear whether Peace cracked the passwords himself, or if a third party was involved in this process. We do know the database is up for sale on the deep web, though.
As one would come to expect from illegal goods and services being sold on the deep web, Bitcoin is the preferred method of payment. Interested parties can obtain the iMesh database for the price of one Bitcoin. It is expected there will be many interested parties as the combination of email address, passwords, and geolocation can be used for geo-targeted spam emails.
Do you remember the iMesh platform, and if so, were you a paying member? Let us know in the comments below!
Source: Threatpost
Images courtesy of Imesh, Shutterstock