A hacker group has posted details of more than 150 MySpace and 50 PayPal accounts, after harvesting data from open wireless networks.
The group, D3V29, stole usernames, passwords and account balances from unsecured, public networks operating in restaurants and stores in the U.S.
Like Firefox add-on Firesheep, D3V29's self-built software scanned information transmitted on public networks to intercept unencrypted cookies.
Group members told SC that the software contained a "certain batch code that connected [to] the network and continuously ran code to find login data".
"We connected straight to www.myspace.com and sniffed logins on a public network through self-developed software."
D3V29 stole the PayPal details of users registered all over the world, including one from Australia.
PayPal account details were intercepted from transactions conducted in unnamed "public marketplaces" and later posted online. They remain valid at the time of writing.
The group, affiliated with the Anonymous collective, said the leak was part of the AntiSecurity campaign.