Hackers Are Hacked by Other Hackers, Twice-Stolen Data is Up for Sale

The infamous hacking forum -“w0rm”, has a user who has seemingly posted a database of stolen data and information from another hacking forum and is advertising the sale of the database online.

Russian hacker outfit w0rm, infamous for hacking servers of the BBC, CNET, VICE, the Washington Post and more in the past has a user who is advertising the sale of the database of hacker-forum “Monopoly”, reports Motherboard.

Monopoly is an underground forum all by itself with a leaning towards botnets, spam and credit card fraud. The user on w0rm – a private website, is selling the Monopoly database for a sum of $500, as revealed by a recent tweet posted by the hacking forum.

Related Article: Russian Hacker Group Targets Satellites to Spy on US & Europe

Hacked databases and stolen credit card information are popular products on underground websites and forums. However, it isn’t often that a cybercriminal is seen selling data in a forum that was originally obtained from another forum.

Hacking Forums and Their Notoriety

W0rm hit the headlines in 2013 after hacking into a BBC server. The subsequent hack of CNET, a popular technology website made the world take notice of the private hacking forum. It wasn’t before long that hacked databases from the Wall Street Journal and the Washington Post were put up for sale, for a single bitcoin each. A single bitcoin was equivalent to about USD $620 at the time.

W0rm also sells zero-day exploits, according to Forbes and they are priced anywhere from $500 and upwards to $30,000.

The CNET hack reportedly got w0rm a trove of encrypted passwords and emails of a million users’.  At the time of communicating to Forbes, w0rm boasted of having around a 100 zero-days that were available to purchase for the highest bidder. Worm.in, the team taking credit for the CNET hack then recommended the company to collaborate with worm.in in order to improve the security infrastructure of the website.

CNET downplayed the entire incident and added that only a “few servers were accessed.”

“We identified the issue and resolved it a few days ago,” a spokesman told The Register. “We continue to monitor and are investigating for any potential impact.”