Bis zum 39C3 öffne ich täglich ein Türchen zu den langweiligsten Datenlecks der letzten Jahre. Es geht um .git, .env, exponierte dev-Umgebungen und andere technisch langweilige Ursachen. Aber manchmal ist interessant, was sich hinter einem Türchen verbirgt. Alle Türchen sind hier zu finden.
Voxsmart hat 2022 mehr als 13 TB Daten ins Internet gepustet, nicht ausschließlich langweilige Telemetriedaten:
We capture and store mobile communications to give you the most sophisticated mobile surveillance capability in the world. (PlayStore Beschreibung)
In den Logs tauchen mehr oder weniger bekannte Namen auf: bankofamerica, blackheathcapital, burnhamsterling, clarksons, nedbank, softbank, smithandwilliamson. Auch Coinbase teilt(e?) seine Kundengespräche mit Voxsmart:
{ id=224436, message="HELP" }
{ id=224437, message="i have been hackewd" }
{ id=224438, message="someone is trying to take 521,000 pending off my coinebae pro account" }
{ id=224439, message="plese help" }
{ id=224440, message="The line you gave me was wrong" }
{ id=224441, message="please stop that transaction!" }
{ id=224442, message="hey ████████, moment" }
{ id=224443, message="pinging security" }
{ id=224444, message="i followed everything custody told me" }
{ id=224445, message="the line that gave me was hacked or something" }
{ id=224446, message="this is a transfer from Custody or Exchange?" }
{ id=224447, message="what do you mean the line that you were given?" }
{ id=224448, message="no its someone trying to pull it off my pro exchange" }
{ id=224449, message="its not me" }
{ id=224451, message="I had to do a passowrd reset you guys were hlepng me" }
{ id=224453, message="your chat feature you guys told me to follow on coinsbase support was hacked" }
{ id=224454, message="can you send screenshots" }
{ id=224455, message="i am so freaking out" }Indices: 846, document count: 54017329277, size: 13.2 TB
cloudtrail-2022.01.17 with 752429 documents (513.7 MB)
cloudtrail-2022.04.19 with 1299137 documents (811.5 MB)
cloudtrail-2022.04.20 with 759529 documents (532.2 MB)
deadletter-prod-broker-2022.01.17 with 8029 documents (11.9 MB)
eks-2022.01.17 with 832214 documents (156.2 MB)
eks-2022.04.19 with 742248 documents (261.9 MB)
eks-2022.04.20 with 403275 documents (147.3 MB)
logs-2022.01.17 with 393864826 documents (102.5 GB)
logs-2022.04.19 with 674281379 documents (160.4 GB)
logs-2022.04.20 with 398431321 documents (97.4 GB)
sandbox-2022.01.17 with 3737345 documents (1.6 GB)
sandbox-2022.04.19 with 15735864 documents (9.0 GB)
sandbox-2022.04.20 with 8162190 documents (4.9 GB)
tcap-logs-2022.01.17 with 5791457 documents (1.2 GB)
tcap-logs-2022.04.19 with 43087656 documents (11.2 GB)
tcap-logs-2022.04.20 with 27793404 documents (10.5 GB)
voxsmart-vpc-flow-logs with 13322938 documents (2.5 GB)
...