The hackers responsible for exploiting a flaw to target users of a popular file transfer tool has begun listing victims of the mass-attacks