Users May Risk Losing their Passwords on Dark Web For Sale – Disposable mail news


In April, Zoom became one of the many victims of the companies that lost their user data to the hackers. Zoom, which is one of the top online video conference platforms, lost more than half a million of account logins on the dark web. The leaked passwords could be bought either for free or for a minimal amount of money.

Understandably, the users are blaming the Zoom company for losing its accounts, and they have every right to do so. It is, however, a part of much bigger trouble that includes hackers, some criminal niches on the Internet, and the fault of our own to set very weak user passwords.

How passwords end up on the dark web? 



Every year, more than hundreds of millions of user accounts end up getting exposed to the dark web, either through malware or phishing attacks. According to a report by Privacy Rights Clearinghouse, a non for profit organization in California, around 11.6 Billion user accounts have been hacked since the year 2005.

The hacked accounts are then either uploaded on hacker websites or posted on the dark web for sale.

These websites and dark web can be accessed only through a specific browser called Tor. “Then there’s Tor, the darkest corner of the Internet. It’s a collection of secret websites (ending in .onion) that require special software to access them. People use Tor so that their Web activity can’t be traced — it runs on a relay system that bounces signals among different Tor-enabled computers around the world,” says Jose Pagliery from CNN Business.]
The hackers use these purchased passwords and try logging in with them to several other websites until they are successful, a technique known as credential stuffing.

The hackers used credential stuffing to steal more than 500,000 Zoom user accounts and uploaded them later on the dark web. In response to this, Zoom spokesperson has confirmed that they suspect the hackers used credential stuffing to breach the accounts. “You can help prevent some of these attacks by banning the use of bad passwords, blocking legacy authentication, and training employees on phishing,” says Microsoft’s security website on “how to prevent your company from web attacks.”


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Hackers sell data of 80 thousand cards of customers of the Bank of Kazakhstan – Disposable mail news

An announcement about the sale of an archive of stolen data from 80,000 Halyk Bank credit cards appeared on the Darknet’s site Migalki.pw.

It should be noted that Halyk Bank of Kazakhstan is the first Bank in the country in terms of the number of clients and accumulated assets. This is not the first time for a Bank when data has been compromised.

The fact that the archive consists only of Halyk Bank cards suggests that the cards were stolen inside the structure.

Typically, identifiers of stolen cards are obtained using MitM attacks (Man in the middle). While the victim believes that he is working directly, for example, with the website of his Bank, the traffic passes through the smart host of the attacker, which thus receives all the data sent by the user (username, password, PIN, etc.).

It is possible that the archive is not real. This may be a bait for potential carders created by the Bank, the so-called honey pot. This trap for hackers creates an alleged vulnerability in the server which can attract the attention of attackers and inspire them to attack. And the honeypot will see how they work, write down the information and pass it to the cybersecurity department.

Although, such actions are risky for the image of a financial institution, as any Bank tries to avoid such negative publicity.

It is important to note that all data leaks from the Bank is the personal fault of the owners, managers of the Bank. In Russia and in Kazakhstan, in case of data leakage, the bank at best publishes a press release stating that “the situation is under control”. However, banks in the US and Europe in the same situation receive a huge fine.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.