The Cybernews research team has discovery that Strendus, a Mexican-licensed online casino, left public access to 85GB of its authentication logs, with hundreds of thousands of entries containing private player data; also worth mentioning that the opened instance also contained data from another online casino, MustangMoney.
Also, Find the latest free chip and no deposit bonus offers at freechipnodeposit.com.
What data was leaked from Strendus
The hacked data is from Strendus the following:
- Usernames
- Names
- Government Identification Numbers (CURP)
- Phone numbers
- Email addresses
- Home addresses
- Date of birth
- Sex/Gender
- KYC status
- IP addresses used to register an account
- IP addresses used to log in
- Deposited amounts
- Amounts withdrawn
- Notes on users, submitted by administrators and customer support agents.
In the Elasticsearch instance, researchers stumbled across 16 indexes called “hacked[_id]” which are probably Indicators of Compromise (IoC); gIoCs are nothing more than evidence or data that suggests an incident or security breach has occurred. For example, it could be a sign of unauthorized access to records.
The fact that these indices were discovered suggests that the instance was not under regular monitoring, putting users at risk; this is particularly worrying, as casinos store a significant amount of customer data, making them attractive targets for cybercriminals.
The two platforms have collected extensive amounts of user data to follow Mexican gambling laws and comply with Know Your Customer regulations (KYC), used to verify the identity of users in order to prevent fraud, money laundering and other illegal activities.
Cybernews researchers They discovered the open application on April 7 and promptly informed the company that owns the gambling platforms; however, the filing remained open until mid-October, leaving user data accessible to the public for an extended period. The data was first indexed by IoT devices on March 8, 2023.
Neglectful cybersecurity puts players at risk
Failure to set up authentication correctly poses significant risks, since knowing the website’s domain is enough to allow an attacker to access user data.
Private user data was found in activity logs showing poor cybersecurity practices; keeping personal information in logs should be avoided, as it raises their level of sensitivity.
The information exposed in this data leak could be exploited for fraud, identity theft, phishing attempts or as a data source for precisely targeted cyber attacks.
The numbers of CURP (the equivalent of our tax code, but Mexican) leaked, in combination with other personal information, could be used to open bank accounts or make unauthorized changes on government websites in the name of the CURP number holder and administrators’ notes about users in the leaked logs could also help bad actors profile and better target users through spearphishing or other social engineering attacks.
Exposed phone numbers can be exploited for attacks spam, malware and spyware, to swap the SIM and to discover user accounts on platforms such as WhatsApp, Signal and others.
Leaked IP addresses introduce the risk of a local network takeover; IP addresses are used to ensure that Internet communications are sent and received by the intended device, and if attackers know the IPs, they could launch DDoS attacks and look for open ports that, if found, could potentially grant access to the local network and devices connected to it.
Take cover and don’t be like Strendus
Have you recently used the services of Strendus or MustangMoney? Here are some tips for taking shelter in cases like this one with Strendus:
- If you live in Mexico or for some mysterious reason you are a permanent resident there, given that the CURP numbers are unique they cannot be changedIf you’ve been affected by the leak, you should monitor any unauthorized changes on government websites, keep an eye on your credit score, and make sure all accounts using this number have strong passwords and two-factor authentication (2FA); this applies to any service, not just Strendus and not just online casinos, let’s be clear.
- Change your email password: Trivial, you’ll say, but strong passwords should be unique, have not been used previously, be at least 12 symbols long, and contain uppercase and lowercase letters and special symbols; It’s easy to create strong passwords using a unique password generator tool.
- Even if the credentials were not exposed, The leaked emails could pose a risk of credential stuffing attacks against Strendus casino accounts, as threat actors could use data leaked from previous breaches. You can use a leaked password checker tool to know if any of your passwords have been leaked online. Make sure that leaked passwords are not reused on any of your accounts.
- Leaked email addresses can be used to send unsolicited communications, such as spam or phishing emails; So you’d better be careful to receive such emails and do not click on any suspicious links in the emails.
- Make sure all accounts linked to a leaked phone number are protected with strong passwords and 2FA.
- To increase security, switch to using time-based one-time passwords (TOTP) instead of SMS-based 2FA or change your phone number.
- If you believe you may be at increased risk of direct cyber attacksit is advisable to contact your Internet service provider and request a change to your IP address to protect your local network.
It should be reiterated that all this does not only apply to casino services like Strendusbut for every online service that is punctured, it was also a public or government service.
#Strendus #Huge #Mexican #Online #Casino #Hacked