A hacker group has posted details of more than 150 MySpace and 50 PayPal accounts, after harvesting data from open wireless networks.
The group, D3V29, stole usernames, passwords and account balances from unsecured, public networks operating in restaurants and stores in the United States.
Like Firefox add-on Firesheep, D3V29's self-built software scanned information transmitted on public networks to intercept unencrypted cookies.
Group members told SC that the software contained a "certain batch code that connected [to] the network and continuously ran code to find login data".
"We connected straight to www.myspace.com and sniffed logins on a public network through self-developed software."
D3V29 stole the PayPal details of users registered all over the world, including one from Australia.
PayPal account details were intercepted from transactions conducted in unnamed "public marketplaces" and later posted online. They remain valid at the time of writing.
The group, affiliated with the Anonymous collective, said the leak was part of the AntiSecurity campaign.
Copyright © SC Magazine, Australia
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.