Massive hacking forum gets hacked, members' details leaked online

By midian182 · 4 replies
May 18, 2016
  1. In what must surely be the ultimate definition of irony, one of the world’s largest hacking forums has been hacked and had the private details of over half a million users dumped online.

    The Nulled.IO board is used to trade and sell credit card and leaked identity information, hacking tools, cracks, and malware-creation kits. On May 6th, the hacker or hackers responsible for the breach dumped a 1.3 GB compressed archive online which, when expanded, is a 9.45 GB SQL file containing details of the website’s cybercriminal users and their activities.

    According to RiskBased Security, which discovered the breach, the attack was likely possible due to Nulled.IO’s use of the IP.Board community forum, which has a number of known vulnerabilities.

    "Considering this forum promotes the sharing of these activities, it makes this breach quite ironic. Nulled.IO was running the IP.Board community forum commonly known as IP.b or IPb. It appears that the forum was also running an IP.Nexus Setup for its market place as well as VIP forums among a few other IPb plugins," said the company.

    "While we do not have confirmation as to how this breach occurred at this point, there have been over 4,500 vulnerabilities to date in 2016, and with 185 total vulnerabilities in IP.Board (92 of them do not have a CVE by the way!) it is not hard to make a guess!"

    RiskBased Security said the full dump contains 536,064 user accounts, 800,593 user personal messages, 5,582 purchase records and 12,600 invoices, which could include donation records. There are also payment methods, PayPal emails, usernames, email addresses, hashed passwords, registration dates, registered IP addresses, and details of transactions.

    All this information will, of course, likely be of interest to law enforcement officials, especially as it contains so much information about illegal activities.

    A particularly interesting discovery made by the RiskBased Security team is that there are 20 .gov email accounts in the leaked database that originate from countries such as the US, Turkey, the Philippines, Brazil, Malaysia, and Jordan. There are also a large number of addresses that end in .edu, which is associated with institutions of higher education.

    It’s not known who was responsible for the breach, but the incident shows that no one, not even the hackers themselves, is safe when it comes to these kinds of leaks.

  2. Thrackerzod

    Thrackerzod TS Enthusiast Posts: 40   +30

    The hackers probably made a GUI interface in Visual Basic to burn through their public firewall.
  3. MonsterZero

    MonsterZero TS Evangelist Posts: 440   +223

    I bet some of those .gov accounts are the FBI buying hacking tools. LOL
    wastedkill likes this.
  4. ETF Soldier

    ETF Soldier TS Evangelist Posts: 463   +136

    Are you telling me hacking isn't as simple as guiding a line through a maze like in GTA V?
    wastedkill and Wendig0 like this.
  5. Duckeenie

    Duckeenie TS Booster Posts: 80   +62

    wastedkill likes this.
