Latest Ashley Madison data dump may not genuine

Ashley Madison

A larger leak of material that allegedly contains details of adultery website Ashley Madison users has been published online, but its legitimacy has been questioned.

The first set of data released last Tuesday (19 August) with the names, e-mail addresses and a list of credit card transaction came with a note from the hackers that described the leak as the “first,” suggesting they always intended to release more. A second dump last Thursday (21 August) revealed internal company e-mails and website source code.

The Impact Team have not been as intent on laying a claim to this latest leak either. Although within the data, a file stating: “Hey Noel, you can admit it’s real now” – The Impact Team” can be found.

Noel Biderman is Ashley Madison’s CEO.

Previously, The Impact Team uploaded the torrent to file sharing site The Pirate Bay, however yesterday’s was uploaded yesterday evening under by the account Liberator 2007, an account which previously uploaded free boot and recovery software.

Some 20Gb of data was published online, including a 13.74Gb compressed file titled “noel.biderman.mail.7z”, stirring speculation that this could contain all of his e-mail communications.

However, those keen to extract the files and put them in a searchable format have encountered issues. The Biderman e-mail file is corrupt, rendering it impenetrable.

Per Thorsheim, chief executive of cybersecurity firm God Praksis told the BBC: “It’s in a zipped format, and when I try to decompress the contents a message comes up saying it won’t work… I can’t yet say why.”

The larger file size could be a duplication or un-archived version of the dump, Pirate Bay users speculated. Warning signs including little official update from Impact Team on the Deep Web and the fact that the original files appeared to include information on the 36 million users (a figure confirmed by Avid Life Media).

However, files have been zipped in a .TGZ format (compressed archive files) which suggests they could be legitimate due to their size.

Opportunistic malware spreaders have jumped on the Ashley Madison bandwagon, uploading files titled ‘full Ashley Madison dump’ and titles to similar effect, on torrenting sites, preying on those hoping to download through the leaked data.

User Brave Wanderer warned: “I wouldn’t touch the other one until further announcement from Impact Team.”

IDG News Service

The post Latest Ashley Madison data dump may not genuine appeared first on