{
	"id": "20ecfd97-91b0-4e36-baca-41ddb5a84267",
	"created_at": "2026-04-06T00:13:30.418819Z",
	"updated_at": "2026-04-10T03:25:21.615687Z",
	"deleted_at": null,
	"sha1_hash": "5016dbe147e3b653fec068943c27e9014ac30d44",
	"title": "Hacker puts up for sale third round of hacked databases on the Dark Web",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 687964,
	"plain_text": "Hacker puts up for sale third round of hacked databases on the\r\nDark Web\r\nBy Written by Catalin Cimpanu, ContributorContributor Feb. 17, 2019 at 6:05 a.m. PT\r\nArchived: 2026-04-05 16:08:36 UTC\r\nA hacker going by the name of Gnosticplayers has put up for sale another set of hacked databases on a Dark Web\r\nmarketplace.\r\nThis is the third round of hacked databases the hacker has published on the Dark Web marketplace known as\r\nDream Market. He previously posted a batch of 16 databases containing the data of 620 million users and a\r\nsecond batch of eight databases with the data of 127 million users.\r\nToday, the hacker published eight more hacked DBs containing data for 92.76 million users. The biggest name in\r\ntoday's batch is GfyCat, the famous GIF hosting and sharing platform. The hacker is selling each database\r\nindividually on Dream Market. Together, all eight are worth 2.6249 bitcoin, which amounts to roughly $9,400.\r\nIn an interview with ZDNet on Friday, Gnosticplayers took credit for the hacks and denied being just an\r\nintermediary.\r\nThe hacker says he intends to sell over one billion user records and then disappear with the money. His current\r\ntotal stands at roughly 840 million records.\r\n\"My two main goals are: -money -downfall of American pigs,\" he told us.\r\nNew leaks are coming, including one from a cryptocurrency exchange, the hacker told ZDNet.\r\nThe eight companies whose data Gnosticplayers put up for sale today are listed below:\r\nhttps://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/\r\nPage 1 of 4\n\nCompany\r\nDB\r\nsize\r\nBreach\r\ndate\r\nPrice Content\r\nLegendas.tv (movie\r\nsharing service)\r\n3.86\r\nMil\r\n2017/10 ฿0.35 username, password (cleartext), email, IP address\r\nJobandtalent (job\r\nportal)\r\n11\r\nMil\r\n2018/02 ฿0.4669\r\nid, email, SHA1 encrypted password, password\r\nsalt, first name, surname, current IP address\r\nOnebip (mobile\r\npayment platform)\r\n2.6\r\nMil\r\n2017/10 ฿0.2626\r\nuser ID, name, email, password (cleartext), address,\r\ncompany info, phone number, PayPal info, banking\r\ninfo, login logs, API key, and other\r\nStoryBird\r\n(storytelling\r\nservice)\r\n4 Mil 2015 ฿0.2334 email, password (SHA256), username, other\r\nStreetEasy (real\r\nestate)\r\n1 Mil 2018/05 ฿0.175\r\nusername, email, password hash (SHA1) and salt,\r\nother\r\nGfyCat (GIF image\r\nhosting)\r\n8 Mil 2018 ฿0.35 username, password hash (SHA512), email, other\r\nClassPass (fitness\r\nservice)\r\n1.5\r\nMil\r\n2018 ฿0.204\r\nemail, password hash (SHA1), username, country,\r\nsex, full name\r\nPizap (online photo\r\neditor)\r\n60.8\r\nMil\r\n2018 ฿0.583\r\nFacebook user ID, password hash (SHA1 / not for\r\nall), email address, other\r\nhttps://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/\r\nPage 2 of 4\n\nImage: ZDNet\r\nNone of the eight companies listed in Gnosticplayers' ad had previously disclosed a data breach. ZDNet has sent\r\nrequests for comment to the eight companies. We will update the article with any information we get back.\r\nHowever, many of the companies whose data the hacker has put up for sale in the past week have already admitted\r\nto suffering security breaches, making very likely that the data he's selling today is also legitimate.\r\nIn addition, each listing was also accompanied with the following message:\r\nGeorge Duke-Cohan is a young and talented boy, instead of giving him a chance, the UK govt sends\r\nhim to prison for three years.\r\nNow, he's been told by the American government, that he faces 65 years for the offense he was already\r\nsentenced to three years in the UK. It means he will be judged twice ??\r\nMay this upcoming release of dumps serve as a reminder:\r\nhttps://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/\r\nPage 3 of 4\n\nWhen countries claim to respect their citizens, they have duty protect them. I wouldn't be surprised\r\nwhether George Duke-Cohan ends his life, the UK gov already destroyed him and doing this is like\r\nsentencing him to death.\r\nIf he is not given a fair justice during the upcoming days, weeks, years, more data will be released....\r\nGeorge Duke-Cohan is a UK national who is part og the Apophis Squad hacking crew. He was arrested last\r\nsummer and sentenced to three years in prison last December.\r\nUPDATE: GfyCat told ZDNet that they have started an investigation into the hacker's claims.\r\n\"We can also confirm that any account databases are strongly encrypted and salted, so no plain text passwords\r\nwould be in any compromised data,\" a spokesperson told us via email today.\r\nA ClassPass spokesperson also told us they've launched an investigation. OneBip also started an investigation, and\r\nprovided the following statement.\r\n\"Please rest assured that between 10/2017 and today there have been several improvements made on the security\r\nside independently from this claimed data breach. We have already informed our customers about this, and\r\nprecautionary measures have already been initiated,\" OneBip said.\r\nData leaks: The most common sources\r\nMore data breach coverage:\r\nChinese company leaves Muslim-tracking facial recognition database exposed online\r\nHackers wipe US servers of email provider VFEmail\r\nDunkin' Donuts accounts compromised in 2nd credential stuffing attack in 3 months\r\nHackers tried to steal €13 million from Malta's Bank of Valletta\r\nOnline casino group leaks information on 108 million bets, including user details\r\n127 million user records from 8 companies put up for sale on the dark web\r\nMassive breach leaks 773 million email addresses, 21 million passwords CNET\r\nHackers turn to data theft and resale on the Dark Web for higher payouts TechRepublic\r\nSource: https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/\r\nhttps://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia",
		"ETDA",
		"MISPGALAXY"
	],
	"references": [
		"https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/"
	],
	"report_names": [
		"hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web"
	],
	"threat_actors": [
		{
			"id": "1609af91-e258-4058-9caa-59e7d171aecb",
			"created_at": "2022-10-25T16:07:24.491691Z",
			"updated_at": "2026-04-10T02:00:05.008935Z",
			"deleted_at": null,
			"main_name": "Gnosticplayers",
			"aliases": [],
			"source_name": "ETDA:Gnosticplayers",
			"tools": [],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "56d15cc7-f9c1-451f-bdde-8c283e3cf15b",
			"created_at": "2023-01-06T13:46:39.015288Z",
			"updated_at": "2026-04-10T02:00:03.181411Z",
			"deleted_at": null,
			"main_name": "Gnosticplayers",
			"aliases": [],
			"source_name": "MISPGALAXY:Gnosticplayers",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1775434410,
	"ts_updated_at": 1775791521,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/5016dbe147e3b653fec068943c27e9014ac30d44.pdf",
		"text": "https://archive.orkl.eu/5016dbe147e3b653fec068943c27e9014ac30d44.txt",
		"img": "https://archive.orkl.eu/5016dbe147e3b653fec068943c27e9014ac30d44.jpg"
	}
}