Hackers post stolen PayPal details

By Darren Pauli on Jun 28, 2011 2:58 PM

Credentials remain valid.

A hacker group has posted details of more than 150 MySpace and 50 PayPal accounts, after harvesting data from open wireless networks.

The group, D3V29, stole usernames, passwords and account balances from unsecured, public networks operating in restaurants and stores in the United States.

Like Firefox add-on Firesheep, D3V29's self-built software scanned information transmitted on public networks to intercept unencrypted cookies.

Group members told SC that the software contained a "certain batch code that connected [to] the network and continuously ran code to find login data".

"We connected straight to www.myspace.com and sniffed logins on a public network through self-developed software."

D3V29 stole the PayPal details of users registered all over the world, including one from Australia.

PayPal account details were intercepted from transactions conducted in unnamed "public marketplaces" and later posted online. They remain valid at the time of writing.

The group, affiliated with the Anonymous collective, said the leak was part of the AntiSecurity campaign.

------------------

For those not following along, LULzSec and /or Anonymous and others have posted untold amounts of people's account details and passwords from sites all over the web.

No telling who all has the data or what they can do with it. Safe to say paypal members are at risk, especialy if they have lame passwords or use the same email addy & PW on more than one site. Find out more at twitter #AntiSec tag.

If you use wireless /wifi you may want to learn how to tunnel etc.