Karmic retribution: the hacker community was hacked and data made public

Кармическое возмездие: хакерское сообщество было взломано, а данные выложены в открытый доступ

OGusers forum popular among people involved in hacking a network account and holding attacks spoofing SIM cards to capture control over other people’s phone numbers, he was under attack. The network leaked the e-mail addresses, hashed passwords, IP addresses and personal messages to almost 113 000 users of the forum. It is likely that some of these data will be of great interest to U.S. law enforcement.

12 may admin OGusers explained to members of the community problems in the website, stating that hard drive failure was lost users ‘ private messages over the past few months, and that he restored the backup in January 2019. But whether he knew at this point that the data lost is not accidental, but was consciously copied and then deleted by the attacker?

May 16, competing the administrator of the hacker community RaidForums announced that the database has been downloaded OGusers in open access for all comers.

“May 12, 2019 forum ogusers.com was hacked, has suffered 112 988 users”, – stated in the message user Omnipotent, one of the administrators from RaidForums. “I copied the data obtained as a result of hacking – database together with the source files of their web site. Their hash algorithm is a salted MD5, which surprised me. The site owner acknowledged the loss of data, but not their stealing, so I guess that I’m the first one to tell you the truth. According to his statement, he didn’t have any recent backups, so I guess I will give them in this branch” – he added, sarcastically pointing out how this situation seems funny to him.

Database, a copy of which was obtained by KrebsOnSecurity blog that leads Brian Krebs (Brian Krebs) – a Washington Post journalist specializing in information security, according to Brian, that contains user names, email addresses, hashed passwords, private messages and IP addresses at the time of registration, approximately 113 000 users (although many of the accounts apparently owned by the same people).

Publication database OGusers was a real blow to many in the hacker community, where many of the participants were earning large amounts in the hacking and reselling mailboxes, social network accounts and payment systems. On the forum there was a variety of topics, filled with messages from concerned users. Some complained that they have received phishing emails aimed at their account OGusers and e-mail addresses.

Meanwhile, official Discord-channel community is also filled with messages. The participants expressed their anger at the chief administrator OGusers, who uses the alias “Ace”, claiming that he changed the functionality of the forum shortly after the publication of information about hacking, to allow users to delete their accounts.

“It’s hard not to admit that in response to this event feel a little Schadenfreude”, – Brian says. “It’s nice to see such a retribution for the community, which itself specializiruetsya on the other ones. In addition, Federal and local investigators of U.S. law enforcement agencies investigating the substitution of SIM cards probably would spend an exciting time with this database, and I assume that this leakage will contribute to an even greater number of arrests and charges for those involved in the different break-ins”.