The credentials of 3.5 million users of MobiFriends, a popular dating app, have surfaced on a prominent deep web hacking forum, according to researchers. MobiFriends is an online service and Android app designed to help users worldwide meet new people online. The Barcelona-based developer of MobiFriends, MobiFriends Solutions, has not commented on the leak. Researchers say the leaked data include dates of birth, genders, website activity, mobile numbers, usernames, email addresses and MD5 hashed passwords. Roy Bass, senior dark web analyst at Risk Based Security (RBS), told Threatpost the posting came from a reliable source. Bass said that researchers verified the data against the MobiFriends official website (researchers also provided Threatpost with redacted screenshots of the shared credentials). The compromised credentials were originally posted for sale on an underground forum on Jan. 12 by a threat actor named “DonJuji,” according to a RBS post on Thursday. The threat actor att