OGusers, a forum popular with people involved in hacking online accounts and conducting SIM-swapping attacks to take control of other people's phone numbers, has itself been hacked. Email addresses, hashed passwords, IP addresses and private messages for nearly 113 forum users have leaked online. It is likely that some of this data will be of great interest to US law enforcement.
On May 12, the OGusers administrator explained the problems with the site to the community members, stating that due to a hard drive failure, users' personal messages for the past few months were lost, and that he restored the January 2019 backup. But did he know at that moment that the data was not lost by accident, but was quite deliberately copied and then deleted by the attacker?
On May 16, the administrator of the rival hacking community RaidForums announced that he had uploaded the OGusers database to the public.
βOn May 12, 2019, the ogusers.com forum was hacked, affecting 112 users,β Omnipotent, one of the RaidForums administrators, said in a post. βI copied the data obtained from the hack - the database along with the source files of their website. Their hashing algorithm turned out to be the standard salted MD988, which surprised me. The site owner admitted to data loss but not data theft, so I guess I'm the first one to tell you the truth. According to his statement, he didn't have any recent backups, so I guess I'll provide them in this thread," he added, sarcastically pointing out how ridiculous the situation seemed to him.
Database copied from KrebsOnSecurity blog run by Brian Krebs, a Washington Post cybersecurity journalist, claimed by Brian to contain usernames, email addresses, hashed passwords, private messages, and IP addresses at the time of registration for approximately 113 users (although many accounts appear to be owned by the same people).
The publication of the OGusers database was a real blow to many in the hacker community, where many of the participants earned large sums of money by hacking and reselling mailboxes, social media accounts and payment systems. The forum has been full of threads filled with posts from concerned users. Some have complained that they are already receiving phishing emails targeting their OGusers accounts and email addresses.
Meanwhile, the community's official Discord channel is also filled with posts. Members express their anger at the OGusers main administrator, who uses the pseudonym "Ace", claiming that he changed the functionality of the forum shortly after the hack was published to prevent users from deleting their accounts.
βItβs hard not to admit that you feel a bit of gloating in response to this event,β Brian writes. βIt's nice to see such retribution for a community that itself specializes in hacking others. Also, U.S. federal and local law enforcement investigators investigating SIM spoofing are likely to have fun with this database, and my guess is that this leak will lead to even more arrests and charges for those involved in these or other hacks.
Source: 3dnews.ru