Jump to content

GnosticPlayers

From Wikipedia, the free encyclopedia

GnosticPlayers is a computer hacking group, which is believed to have been formed in 2019 and gained notability for hacking Zynga,[1][2] Canva,[3][4] and several other online services.[5][6]

The Independent reported that GnosticPlayers had claimed responsibility for hacking other online businesses, and stealing hundreds of millions of credentials from web databases such as MyFitnessPal, Dubsmash, and fourteen others; and subsequently selling these credentials on the dark web.[7][8]

Reported members

[edit]

In 2020, cybersecurity author Vinny Troia published a report listing the following core group members:[9]

  • Maxime Thalet-Fischer, who went under the aliases DDB, Casper, RawData and Pumpkin, was the seller of the group.
  • Nassim Benhaddou, who went under the alias Prosox, was a member of the group and was known to be Gabriel's early associate. According to Troia, Benhaddou later went on to form the group ShinyHunters.[10]

In 2019, Nassim Benhaddou, Gabriel Kimiaie-Asadi Bildstein, as well as Maxime Thalet-Fischer, were arrested after Gabriel confessed that they hacked Gatehub.[9] The hack reportedly involved the theft of $9.5 million worth of cryptocurrency.[11]

Companies affected

[edit]

GnosticPlayers have taken public responsibility for the following data breaches:[9]

500px • 8fit • 8tracks • Animoto • Armor Games • Artsy • Avito • BlankMediaGames • Bookmate • Bukalapak • Canva • Chegg • CoffeeMeetsBagel • Coinmama • Coubic • DailyBooth • DataCamp • DubSmash • Edmodo • Epic Games • Evite • EyeEm • Fotolog • GameSalad • Gatehub • Ge.tt • GfyCat • HauteLook • Houzz • iCracked • Ixigo • Legendas.tv • LifeBear • Live Journal • LovePlanet • mefeedia • MindJolt • MyFitnessPal • MyHeritage • MyVestigage • Netlog & Twoo • OMGPop • Onebip • Overblog • Petflow • PiZap • PromoFarma • RoadTrippers • Roll20 • ShareThis • Shein • Singlesnet • Solstice • Storenvy • StoryBird • StreetEasy • Stronghold Kingdoms • Taringa • Wanelo • WhitePages • Wirecard • Yanolja • Yatra • YouNow • Youthmanual • Zomato • Zynga

A report published by security research firm Night Lion Security states that the core members of GnosticPlayers (who are also connected with groups The Dark Overlord and Shiny Hunters) have been involved in 25% of non-credit card related data breaches between January 1, 2017 and June 30, 2020.[9]

See also

[edit]

References

[edit]
  1. ^ Ivanova, Irina (2 October 2019). "Zynga data breach exposed 200 million Words with Friends players". CBS News. Archived from the original on Feb 22, 2024.
  2. ^ Hern, Alex (December 19, 2019). "170m passwords stolen in Zynga hack, monitor says". The Guardian. Archived from the original on Sep 13, 2023.
  3. ^ Vaas, Lisa (May 28, 2019). "Millions of Canva users' data stolen as GnosticPlayers strikes again". Naked Security. Archived from the original on Jul 21, 2023.
  4. ^ "Canva data breach: Why hacker Gnosticplayers boasted to the media". June 3, 2019.
  5. ^ Cimpanu, Catalin. "A hacker has dumped nearly one billion user records over the past two months". ZDNet.
  6. ^ "Times when 'Gnosticplayers' hacker made headlines for selling troves of stolen data on dark web". Cyware. September 30, 2019. Archived from the original on Mar 25, 2023.
  7. ^ "Dark web data dump sees 620 million accounts from hacked websites go on sale". Independent.co.uk. 13 February 2019.
  8. ^ "617 million hacked accounts put on sale on the dark web | Digit". www.digit.in. 13 February 2019.
  9. ^ a b c d "The Dark Overlord Cyber Investigation Report" (PDF). Night Lion Security. Archived (PDF) from the original on Dec 11, 2023.
  10. ^ "GnosticPlayers Part 1: An Overview of Hackers Nclay, DDB, and NSFW". Night Lion Security. 2019-12-30. Retrieved 2021-01-25.
  11. ^ Cimpanu, Catalin. "Hackers steal $9.5 million from GateHub cryptocurrency wallets". ZDNet. Retrieved 2021-01-25.