Taringa Hack – 27 Million User Records Leaked

The New Acunetix V12 Engine


The Taringa hack is actually one of the biggest leaks of the year with 27 million weakly hashed passwords breached, but it’s not often covered in the Western media with it being a Latin American site (something like Reddit).

Taringa Hack - 27 Million User Records Leaked


The leak happened in August and it seems like the hackers were able to brute force around 95% of the account passwords fairly quickly with Taringa using an outdated and flawing hashing algorithm – md5.

Latin American social site Taringa, often called ‘Latin America’s Reddit’, has suffered a massive breach of user data. Login details for nearly all of the site’s users were compromised.

The social site had instituted a system in 2015 to pay users for content production using Bitcoin. The site partnered with Xapo to create digital wallets for content producers, and then began funding them with Bitcoin for participation.

Wallet balances of the individual users will likely be low, but the massive hack of data may well allow access to those wallets. With prices having increased dramatically since 2015, the original payments that remained intact are likely of some substantial value.


It’s a pretty interesting site to target too as it has cryptocurrency infrastructure which allows users to tip each with Bitcoins (something like Reddit Gold).

You can read the official statement from Taringa here:

Un mensaje importante sobre la seguridad de tu cuenta

Or translated to English here:

An important message about your account security

Taringa was using an aging encryption system for passwords called MD5. The hackers were able to crack 95% of the 27 mln passwords within just a few days. Taringa has assured customers that wallet addresses were not compromised, though the surety of the promise remains in question.

Users should move Bitcoin balances into other wallets for protection, especially if they had used the same password for their wallet as for their Taringa account, a common practice.

There have of course been some other massive leaks this year, which are still in the press like the Equifax Data Breach and the Time Warner Hack.

Taringa did take the right measures and reset all user passwords and promised to update the encryption method used to store passwords to something more robust (which I hope they did actually carry out).

Source: Coin Telegraph

Posted in: Hacking News

, ,


Latest Posts:


BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.


Comments are closed.