The Internet is a huge mine of personal information and it is quite the gold mine for those who know how to get to all that and use it. But a service called Indexeus is showing just how easy it is to turn the tables on professional data miners by listing accounts and passwords belonging to those miners aka hackers.
What Indexeus sits on is a pile of breached databases belonging to compromised websites - websites visited by people who hack and do other nefarious business online. So they have lists containing the information of people who have been very, very naughty online or plan to be.
When the personal information brokers are the ones getting their data sold and traded, it's sure to cause quite a stir. That was the point. The people behind Indexeus want those listed to pay 'donations' of US$1 per record which will make their information disappear but also serves as insurance against being re-listed.
One of the site's founders, Relinquo revealed the site had gone through some minor reforms due to some 'legal complications'. Minors will have their information removed immediately and there are tweaks being made as to the logs and whether blacklisting will be paid or free.
What will make things hard for Indexeus is the current right to be forgotten data privacy laws in Europe which ruled that individuals have a right to request the removal of Internet search results if deemed “inadequate, irrelevant or no longer relevant, or excessive.” So technically hackers feeling victimised by Indexeus could request their data be removed post-haste without having to succumb to blackmail.
While it might seem amusing to see hackers get their just desserts, is it any better to be using the same nefarious tools for what still seems like an extortion ring? The ends don't justify the means, even in this case.
READ MORE: The Heartbleed bug
[Source:Krebs on Security]