© 2021 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

MyFreeCams hack: 2 million user records stolen from top adult streaming site and sold on hacker forum

2

UPDATE January 22: The threat actor has now deleted their post, as well as their account, from the hacker forum. They've also emptied their cryptocurrency wallet after collecting ~$22,400 in Bitcoin for the stolen data across 49 transactions.

The leak could put all MyFreeCams users at risk of blackmail attempts, credential stuffing attacks, and more.

A database that purportedly belongs to MyFreeCams.com, one of the top adult chat and web streaming communities, is being sold on a popular hacker forum. According to the post author, the data was exfiltrated from the company servers in December 2020 by carrying out an SQL injection attack, and includes 2 million user records of MyFreeCams Premium members, including their usernames, email addresses, MyFreeCams Token (MFC Token) amounts, and passwords in plain text.

Text

Description automatically generated

The author of the forum post is asking for $1500 in Bitcoin per 10,000 user records and claims that a single batch would net the buyers at least $10,000, which they could make by selling premium accounts with MFC Token (MyFreeCams’ virtual currency) balances on the black market.

MyFreeCams users’ data stolen and sold on hacker forum video screenshot

We asked MyFreeCams if they could confirm that the leak was genuine, and whether they have alerted their members and models. The company swiftly responded to our requests and immediately notified affected users and reset their passwords. According to MyFreeCams, their investigation "traced this data to a security incident that occurred more than ten years ago in June 2010" and "the exploit that was used to obtain this data was closed shortly after it occurred."

"MFC’s current systems prevent any similar attack. Until now, MFC did not have evidence that user data was actually compromised as part of the incident. We have informed affected users by email and reset their passwords. No credit card information was stored or compromised.”

MyFreeCams

With that said, it’s unclear how many accounts are in the threat actor’s possession, which means that there is a possibility that all MyFreeCams accounts could have been compromised.

To see if any of your online accounts were leaked, use our personal data leak checker with a library of 15+ billion breached records.

What’s in the database?

Based on the samples we saw from the database, it appears to contain:

  • Usernames
  • Email addresses
  • Passwords in plain text
  • MFC Token balances

Example of leaked data:

Who is the company behind the leak?

MyFreeCams is a live streaming ‘adult cam model’ website that offers explicit content intended only for mature audiences.

Ranked as the 619th most visited website on the Internet based on monthly traffic, it’s one of the world’s largest adult streaming websites boasting nearly 70 million visitors each month. It is predominantly used by amateur webcam models to stream live shows and chat with site members who can purchase virtual MFC Tokens that they can use to tip the models or watch private shows.

Who had access to the data?

The database is available for the entire userbase of the popular hacker forum to download in 10,000-line increments for $1500 worth of Bitcoin.

Based on the forum post author’s Bitcoin wallet balance, they have already received BTC 0.60222754 (which amounts to about $21,600) for what appears to be at least 14 batches of 100,000 users from buyers, with a total of 45 transactions executed at the time of writing.

That being said, it’s unclear how many accounts were exploited by the buyers before the passwords of the affected accounts were reset by MyFreeCams.

What’s the impact of the leak?

The data found in the hacked MyFreeCams database can be used in a variety of ways against the users whose information was exposed, including the following:

  • Blackmailing and extorting money from MyFreeCams account owners by threatening to expose their identity and MFC membership to others, including friends and family.
  • Stealing the accounts along with their MFC Token balances from the owners and selling them on the black market.
  • Committing credential stuffing attacks against the members’ other online accounts.
  • Using the data from the database to mount targeted phishing attacks.
  • Spamming the victims’ emails.

Fortunately, the stolen MyFreeCams database does not contain any highly sensitive information like credit card numbers or passport IDs. However, even email addresses and plain text passwords can be enough to take over the victims’ other accounts if they use the same login credentials across multiple online services.

Next steps

If you have a MyFreeCams account, immediately change your password and consider using a password manager to create strong, complex passwords.

Even though MyFreeCams reset the passwords of the affected accounts, it’s not certain that the threat actor who is selling the database is not in possession of more compromised MyFreeCams accounts that they have not yet managed to dehash.

If you’ve been using the compromised password for any other online services, make sure to change it there as well. Using a unique password for each online service will prevent threat actors from reusing it for credential stuffing attacks.


Build your secure personal and business online presence

Comments
K
K
prefix 8 months ago
Was it just usernames,email addresses, passwords and token balance that were leaked? Or was there further data also leaked?
Phillip Matthews
Phillip Matthews
prefix 9 months ago
there is a group from git hub that has accessed my laptop ,desktop, and cell phones since 2017 they have damaged 3 computers 7 hard drives 1 Microsoft computer stick and 6 cell phones they are using xml camlets and I’ve asked for help from google and Microsoft to find out they don’t stand behind there privacy guaranty .i have not give permissions for them to be on any of my computers but yet they are on all of them. Any help would be the first since 7/17/2017
Leave a Reply

Your email address will not be published. Required fields are marked