Since they get them from holes on the big neo sites' code (TDN) to steal the site's database (then use the info there for pass crackery), I suspect that as long as they can find a new vulnerability that hasn't been patched yet, hash lists can be made. Dunno if it's possible right now though.
Mine and 1-2 others are "fresh" although they may not be "new" users but they are new database grabs. So yes, it is still possible but it's hard to find lists that aren't in the market.
The Following User Says Thank You to Demo For This Useful Post: