An online search engine shows the full decrypted password of accounts that were leaked in several data leaks. Users can pay $10 in Bitcoin and several other cryptocoins to have their password removed. At the moment the site claims its overloaded but silently runs a crypto mining script.
(screenshot of the breachedpasswords site, cryptocurrency addresses are redacted)
The website ‘breachedpasswords.website’ claims it’s searching through 1.4 billion passwords. This is very well possible because a database with 1.4 billion leaked passwords is widely available on the dark web. Earlier, a ‘whitehat’ hacker created a website where users could check whether their password was in the database. The site works by entering an email address or domain after which the website will show parts of the leaked email addressed and the first two characters of the password.
The new search engine shows the entire password, which means it’s also possible to obtain the password of other users. Users can pay $10 in cryptocoins to be removed from the database. Obviously it’s not recommended to pay, by paying you’re financing a cybercriminal. Instead change the password of the affected accounts.
At the moment the site doesn’t work, instead the results page appears to be loading forever. In reality, the website utilizes 100% of your CPU power by running the Crypt Loot script to mine the Monero cryptocurrency.
The Bitcoin address at the website shows the cybercriminal behind the site hasn’t received any payment yet.