A hacker group going by the name of d33ds has claimed to of hacked a yahoo voice subdomain which has resulted in a database being obtained. The database that has been taken appears to be in SQL format with a note in the leak suggesting that SQLi was used as a method of attack but no word on the exact target or exploit that was used. The leak was uploaded to the d33ds website which is currently offline and has been for most of the day, lucky enough we grabbed a copy of the data and we can confirm that it is in fact 100% real and currently being processed by ozdc.net . The leaked data came with database table information and the dump of 450,000 user accounts which contain user emails and passwords from various other email hosts. One thing that is really surprising about the leak is the fact that yahoo has stored this particular data in clear text, meaning anyone could just grab a email and pass and start trying other accounts which could turn out real bad for lots of innocent people. The leak comes with one main messages as a final message.
- Final Notes ————— “Growth begins when we begin to accept our own weakness.” – Jean Vanier We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage. ~ Greetz: N477, Johnn MRU, jackh4xor, BUNNN, paul4games, B0N3, TiGER-M@TE and all the members of D33Ds.Co and 0xf-security. [ – D33DS Co. – https://d33ds[.]co/ – ]
Since the leak the site d33ds website has been offline, now showing internal server errors but no doubt this data will resurface and continue to haunt many yahoo voice users for weeks if not months to come. Over the next week we are adding all the 450k emails that have been effected to ozdc, please use this search feature to see if you have been breached. Search https://ozdc.net/archives.php?aid=2666
Note of October 25, 2024: the d33ds[.]co URL showed up as a malware site on a scan, so the URL was edited and we caution people not to connect to it.