The database was first exposed on a popular Russian hacker forum around 7:20 AM, Monday, May 3, 2021. It was not clear whether the Raychat app had these records stolen from its servers or it was a result of a previous data leak that took place as a result of the misconfigured database identified by IT security researchers Bob Diachenko on January 31st, 2021.
Diachenko tweeted a series of tweets regarding the Raychat app. He stated that the Raychat app exposed its entire database on a misconfigured server. The database consisted of more than 267 million accounts with data like names, emails, passwords, metadata, encrypted chats, etc, reported by the researcher. He also stated that he had not been responded to by the company on which an Iranian Twitter user responded to Diachenko.
He posted a screenshot of a tweet from the Raychat app in which they confirmed that there is no data has been leaked.
They claim no data has been lost or leaked.
do you have proof/resource? kindly send me those datahttps://t.co/cViqSZoJsa
— Mohammad Shadmani (@themshday) January 31, 2021
A prominent hacker forum, Raid Forum a threat actor claimed to leaked the data. He said they downloaded the data before it was removed out by the meow attack. The data seems authentic and millions of Iranians private information had been posted online.
The leaked data includes;
- IP Addresses
- Email Addresses
- Bcrypt Passwords
- Telegram messenger IDs, Etc
This is not the first and apparently not even the last time that Iranians have been a victim of a cyberattack. This has happened in the past too. In April 2019, a database, of the Snapp app (Iranian Uber) leaked “astonishingly sensitive information” of millions of users on an insecure MongoDB server.
In April 2020, 52,000 Iranian ID cards were sold on the dark web and later leaked on the normal web, that too with selfies. The personal details and phone numbers of 42 million Iranians sold on a hacking forum in March 2020. So you see Iranians and web attacks go side by side.
As for the victims, it’s now time to be more careful. Watch out for phishing attacks through emails. Do not click on the links either in messages or in email as that could be a scam. They could further invade your privacy by hacking your phone. And you don’t want that right.