LATEST: BreachForums v1 database leak is an OPSEC test for hackers | Bleeping Computer
The entire database for the notorious BreachForums v1 hacking forum was released on Telegram Tuesday night, exposing a treasure trove of data, including members' information, private messages, cryptocurrency addresses, and every post on the forum.
Fitzpatrick allegedly sold this database in July while he was out on bail.
The data has since been circulating among different threat actors, with one attempting to sell it for $150,000 later that month.
While the database was shared with Have I Been Pwned at the time, it was never publicly released until this past weekend.
Drip ... drip ... drip
Since the weekend, there has been a steady leak of data from the BreachForums v1 database.
It started with the threat actor Emo releasing a limited export of member data, including member names, email addresses, and IP addresses after they were banned from the current incarnation of BreachForums.
However, as infighting continued among the BreachForum community members, Emo leaked the entire database Tuesday night, exposing a tremendous amount of additional data.
"Find enclosed the full BreachForum v1 database, every record up to November 29th, 2022," Emo posted to Telegram.
"This database includes everything, Private Messages, Threads, Payment logs, detailed IP logs for each user, etc. I originally only leaked the user table to discourage it from being sold behind the scenes by BreachForum staff, however it's become apparent that so many people have the database now that it being leaked is an inevitability."
"This will give everyone a chance to review their records and fix holes in their OPSEC."
BleepingComputer has obtained the database and, based on timestamps in the database records, can confirm it is an entire backup of the MyBB forum that was created on November 28th, 2022, at approximately 7 PM ET.
The database contains all the forum data, including members' hashed passwords, private messages between users, cryptocurrency addresses used to purchase forum credits, and every post on the site.
The private messages are particularly damaging, with threat actors messaging each other about their exploits, expressing a desire to purchase access to networks, or seeking access to the latest stolen data.
The data also includes cryptocurrency addresses used to purchase site credits, which allowed members to view content hidden in forum posts.
These addresses will allow crypto intelligence firms to tie historic cryptocurrency payments to specific threat actors.
While law enforcement already has this database after they seized the site and arrested its owner in 2023, other threat actors, journalists, and researchers have not seen it until now. Even though the data is nearly two years old, it will still be an operational security (OPSEC) test for many threat actors who frequented the forums.
OPSEC is a method used to protect sensitive information that could be used by adversaries to gain an advantage or identify you.
Did the hacking forum members adequately perform OPSEC by using VPNs or Tor when connecting to the site, using privatized email addresses, or properly hiding their identities?
Only time will tell as researchers and journalists use this data to build threat actor profiles that tie them to other malicious activity.