Thousands of Passwords Exposed via Popular JSON Formatter Tools

New research reveals that organizations in critical sectors such as government, telecommunications, and infrastructure have been exposing sensitive credentials by pasting them into online code formatting and validation tools. The Cybersecurity firm watchTowr Labs collected a dataset of over 80,000 files from platforms including JSONformatter and CodeBeautify, uncovering a wide range of leaked data like usernames, passwords, repository keys, database access credentials, and API keys.

This data spans five years of JSONformatter content and one year from CodeBeautify, totaling more than 5 gigabytes of annotated JSON files. Affected sectors include finance, healthcare, aerospace, education, retail, and cybersecurity, among others. Security researcher Jake Knott explained that these tools are popular and often ranked high in search engine results, leading many organizations and developers to use them for formatting code that sometimes contains sensitive information, as stated here.

Both services allow users to save formatted code as shareable links, which can be accessed by anyone with the URL. These links follow predictable patterns (e.g., https://jsonformatter.org/{id} or https://codebeautify.org/{formatter-type}/{id}), making it possible for malicious actors to scrape exposed data using automated crawlers. Examples of leaked information include Jenkins secrets, encrypted credentials, Know Your Customer (KYC) details from banks, AWS credentials linked to a financial exchange’s monitoring tools, and Active Directory credentials for banking institutions.

watchTowr Labs conducted tests by uploading fake AWS keys, observing that these were targeted by attackers within 48 hours of being posted. This demonstrated active scraping and exploitation of exposed credentials. Knott emphasized the severity, stating, “Mostly because someone is already exploiting it, and this is all really, really stupid.”

In response to these findings, both JSONformatter and CodeBeautify have temporarily disabled the save functionality, reporting they are working on improvements and enhanced content prevention measures. watchTowr Labs suspects this action followed September communications with impacted organizations, as detailed above.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

• Polymarket Gets CFTC Nod to Operate US Retail Exchange
• Elon Musk’s xAI Extends $15B Raise, Now Targeting $230B Value
• Viva La Libertad website taken down amid LIBRA token probe
• Standard Chartered Becomes 21Shares’ New Digital Asset Custodian
• Deutsche Bank Predicts S&P 500 to Hit 8000 by 2026 on AI Surge