Recently I discovered a database that contained over 600,000 records. Upon further investigation it became clear that these records were customer support attachments. This included images of individuals holding their credit card or passport, and a wide range of other support related information.
The records belonged to a company called Z2U that is based in China. Z2U appears to be a broker between individuals buying and selling everything from aged Facebook and Instagram accounts to access to HBO, Netflix, and Disney+, and even Windows license keys at a fraction of the real price. What was more disturbing was seeing sellers offering viruses, malware or other malicious applications.
Their customers were worldwide based on the identification documents contained in the database.
What the database contained:
- Images of credit cards, customers, and passports or other government issued identification documents.
- Records showing bank transaction payments that included IBAN numbers.
- User logins, emails and passwords for accounts. Order confirmations showing the buyer’s name, email, and details of their purchase.
- Software license keys for Microsoft, Norton, Kaspersky, Avira, Adobe Photoshop, and more.
- Screenshots of the customer support dashboard, communications, purchase histories, account credits, and refund requests.
- Records showing the sales of streaming accounts: HBO MAX, Netflix Premium, Disney+, and others.
- Records showing the sales of social media accounts: Facebook, Instagram, Twitter, and others.
- Amazon Prime accounts, and Amazon customer (buyer) and merchant (seller) accounts for sale.
- Gaming platform and other account passwords and login credentials.