Worrying attack sees 10,000 records allegedly belonging to VirtualMacOSX leaked - here's what we know

  • Security researchers find threat actor advertising a major database
  • The archive allegedly belongs to VirtualMacOSX.com
  • It contains passwords, bank data, and other sensitive information

Thousands of records belonging to VirtualMacOSX users, including banking information, have been leaked on a popular hacking forum recently, experts have claimed.

Cybersecurity researchers at Safety Detectives say they found a new thread on a popular clearweb hacking forum (a forum hosted on the mainstream internet), in which the poster offered a database for free to anyone who commented on, or otherwise interacted with, the thread.

Allegedly, the database belongs to the customers of VirtualMacOSX.com, a cloud-based service that provides virtual Mac OS X servers and desktops, and contains 176,000 lines, split across three separate .txt files. The files contained people’s user IDs, full names, company names, email addresses, postal addresses, phone numbers, passwords, password reset keys, bank names, bank types, bank codes, bank accounts, and various support tickets.

Operations stable

The thread also contained a 34-line sample of the database, Safety Detectives said, adding that their superficial analysis confirmed the data’s authenticity.

“Although the data appeared genuine and we saw indicatives in invoices sent to VirtualMacOSX, we could not definitively confirm that the data belonged to VirtualMacOSX’s customers as, due to ethical considerations, we refrained from testing the exposed credentials,” the researchers said.

We would argue that it is unusual for cybercriminals to give away a brand new database containing both banking data and passwords for free, so it could also be that the database is either fake, or recycled from a previous breach. A quick Google search showed no previously reported breaches at VirtualMacOSX.com.

In any case, users should definitely reset their passwords, including on any other platforms where they might have used the same set of credentials.

Furthermore, they should closely monitor their bank accounts for any suspicious transactions. Finally, they should be on the lookout for well-crafted phishing emails impersonating VirtualMacOSX.com.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.