Widely-used cyber crime forums targeted in hacking spree

Security researchers say hacker-on-hacker campaigns indirectly help the good guys

Four widely-used hacking forums operating on the dark web have been compromised in a series of cyber attacks, with unknown attackers seizing the personal data of members while also siphoning away cash.

Over the past few weeks, attackers have stolen user databases from these forums, which have included email addresses and hashed passwords, according to security researcher Brian Krebs. The incidents have left members of these sites worried that subsequent leaks could reveal their real-world identities.

The most recent hack, affecting an invite-only cyber crime forum known as Maza, took place this week, with security firm Intel 471 revealing that its users were redirected to a breach notification page upon signing in. This was posted alongside a 35-page PDF file allegedly containing a portion of forum user data, comprising more than 3,000 rows of usernames, partially obfuscated password hashes, email addresses, and other contact details.

The Maza hack follows attacks against Verified in January, Crdclub in February, and Exploit last week - all well-known dark web forums. This is in addition to a recent fifth attack against Hydra, a dark web marketplace known for the trade of illegal drugs and other criminal services, according to reports from Russian media.

“The incidents show that even perpetrators of cybercrime aren’t immune from experiencing the fallout that comes with personally identifiable information being made public,” Intel 471 said in a blog post.

“Various cybercrime forums are alive with chatter following the breaches, with nefarious actors wondering if their real-world identities will be discovered thanks to the leaked data.”

Some forum members have speculated these are the efforts of government agencies, although Intel 471 has cast doubt on the theory due to the public nature of these attacks. Krebs also reported that members across these forums have questioned whether the wider strategy is to sow distrust across the community, with cyber criminals now fixated on which platform would be compromised next.

The security company added that while the perpetrators haven’t identified themselves, they have indirectly given researchers an advantage. All information unearthed from these breaches will help in the fight against cyber crime, Intel 471 said, due to the added visibility it gives security teams who are tracking forum members.

Following the initial attack on the Verified forum, hackers then claimed on another site, Raid Forums, that they had taken Verified’s entire database of registered users and associated information, such as private messages, hashed passwords, and posts. The attackers also managed to steal $150,000 (approximately £108,700) worth of cryptocurrency from Verified’s Bitcoin wallet.

Related Resource

Online safety: A leader's responsibilities

Sample our exclusive Business Briefing content

Online safety: A leader's responsibilities - The Business Briefing from IT ProDownload now

Crdclub’s administrator, a month later, announced the forum had sustained an attack in which their own account was compromised. The attacker was able to lure members into using a money transfer service that was supposedly vouched for by administrators, which led to an unknown amount of money being diverted away from the site.

Last week’s attack against Exploit saw a proxy server used to protect against distributed denial of service (DDoS) attacks compromised by an unknown third-party. The forum’s administrator said that a monitoring service had detected secure shell (SSH) access to the server, and had attempted to capture network traffic.

Intel 471 has said its researchers will continue to monitor widely-used cyber crime forums to assess how these incidents have affected members of the hacking community.

Featured Resources

2021 Thales access management index: Global edition

The challenges of trusted access in a cloud-first world

Free download

Transforming higher education for the digital era

The future is yours

Free download

Building a cloud-native, hybrid-multi cloud infrastructure

Get ready for hybrid-multi cloud databases, AI, and machine learning workloads

Free download

The next biggest shopping destination is the cloud

Know why retail businesses must move to the cloud

Free Download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Supply chain breaches impacted 97% of firms in the past year
supply chain management (SCM)

Supply chain breaches impacted 97% of firms in the past year

12 Oct 2021