Widely-used cyber crime forums targeted in hacking spree

Security researchers say hacker-on-hacker campaigns indirectly help the good guys

Four widely-used hacking forums operating on the dark web have been compromised in a series of cyber attacks, with unknown attackers seizing the personal data of members while also siphoning away cash.

Over the past few weeks, attackers have stolen user databases from these forums, which have included email addresses and hashed passwords, according to security researcher Brian Krebs. The incidents have left members of these sites worried that subsequent leaks could reveal their real-world identities.

The most recent hack, affecting an invite-only cyber crime forum known as Maza, took place this week, with security firm Intel 471 revealing that its users were redirected to a breach notification page upon signing in. This was posted alongside a 35-page PDF file allegedly containing a portion of forum user data, comprising more than 3,000 rows of usernames, partially obfuscated password hashes, email addresses, and other contact details.

The Maza hack follows attacks against Verified in January, Crdclub in February, and Exploit last week - all well-known dark web forums. This is in addition to a recent fifth attack against Hydra, a dark web marketplace known for the trade of illegal drugs and other criminal services, according to reports from Russian media.

“The incidents show that even perpetrators of cybercrime aren’t immune from experiencing the fallout that comes with personally identifiable information being made public,” Intel 471 said in a blog post.

“Various cybercrime forums are alive with chatter following the breaches, with nefarious actors wondering if their real-world identities will be discovered thanks to the leaked data.”

Some forum members have speculated these are the efforts of government agencies, although Intel 471 has cast doubt on the theory due to the public nature of these attacks. Krebs also reported that members across these forums have questioned whether the wider strategy is to sow distrust across the community, with cyber criminals now fixated on which platform would be compromised next.

The security company added that while the perpetrators haven’t identified themselves, they have indirectly given researchers an advantage. All information unearthed from these breaches will help in the fight against cyber crime, Intel 471 said, due to the added visibility it gives security teams who are tracking forum members.

Following the initial attack on the Verified forum, hackers then claimed on another site, Raid Forums, that they had taken Verified’s entire database of registered users and associated information, such as private messages, hashed passwords, and posts. The attackers also managed to steal $150,000 (approximately £108,700) worth of cryptocurrency from Verified’s Bitcoin wallet.

Related Resource

Online safety: A leader's responsibilities

Sample our exclusive Business Briefing content

Online safety: A leader's responsibilities - The Business Briefing from IT ProDownload now

Crdclub’s administrator, a month later, announced the forum had sustained an attack in which their own account was compromised. The attacker was able to lure members into using a money transfer service that was supposedly vouched for by administrators, which led to an unknown amount of money being diverted away from the site.

Last week’s attack against Exploit saw a proxy server used to protect against distributed denial of service (DDoS) attacks compromised by an unknown third-party. The forum’s administrator said that a monitoring service had detected secure shell (SSH) access to the server, and had attempted to capture network traffic.

Intel 471 has said its researchers will continue to monitor widely-used cyber crime forums to assess how these incidents have affected members of the hacking community.

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021
Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021

Most Popular

The benefits of workload optimisation
Sponsored

The benefits of workload optimisation

16 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
IT Pro Panel: Why IT leaders need soft skills
professional development

IT Pro Panel: Why IT leaders need soft skills

26 Jul 2021