Max Messenger experienced a major data breach, exposing information on 154 million users, including usernames, phone numbers, and session tokens. The attack was carried out using a 0-day vulnerability, with the threat actor claiming long-term undetected access and the release of sensitive data. #CamelliaBtw #MaxMessengerBreach
Keypoints
- The breach was claimed by the threat actor โCamelliaBtwโ and targeted Max Messenger.
- The compromised dataset includes user personal information, session tokens, communication logs, and backend source code.
- The attack exploited a critical 0-day Remote Code Execution vulnerability in the platformโs media engine.
- The breach remained undetected for nearly a year before being publicly disclosed.
- Threat actors plan to distribute the stolen SQL data via torrent trackers.
DarkWebInformer.com Providing intel from some of the darkest places on the Dark Web & Clearnet. Breaches, Darknet Markets, Ransomware, Threat Alerts, & more!