Recently, a stock of personal information such as driver’s licenses and passports of investors and potential investors tied to the Bezop crypto currency has been exposed. The report came out from a research performed by Kromtech Security.
On Wednesday, Kromtech declared that Bezop left a MongoDB database completely unsecured, which have proclaimed being exposing the information including full names, email addresses, addresses, encrypted passwords, bank details, scanned passports and more.
On the list of advisers whose names are based on the organization’s website, John McAfee, the former security software tycoon, is on the top position who turned out to be a fugitive, became paid cryptocurrency enthusiast. Earlier this year, McAfee announced that he charges up to $106,000 to support Initial coin offering (I Cos) on his Twitter account. While in March 2018, he also claimed that he would start-off his own “hack proof” crypto-security firm with many other services.
McAfee added a comment on the testimonial section of Bezop’s website mentioning that he has become an advisor to bezop.io. Moreover, McAfee, being an investor their ICO, also recommended implementing the plans successfully. However, Bezop was not directly approached for comment.
Deryck Jones, the CTO of Bezop Block chain Ltd said to a threat post that an update was sent out in the starting of this year alerting people that Bezop has been aimed by a Denial-of-service attack (DDoS) attack and also of the security holes revealing that data. (Threatpost remarked its uncertainty about the target aimed by Jones for was it actually referring to the passports and other sensitive data unsealed by Kromtech.)
While yesterday, Bezop disclosed on Medium that McAfee activate was being paid to promote its cryptocurrency and the investors were warned about the violation of their personal information in January. Mean while Kromtech states the investors’ data was openly available as late as March 30. According to Kromtech reports, Bezop has launched a program named as bounty in January around the time of its ICO.
Researchers said the exposed tables from the database of Bezop, was not protected by a password have the possibility to be accessed by virtually online, which is called as “Bounty,” that suggests the data it contains may link to the people who joined in the program.