The email addresses, private messages, IPs and password data of some 500,000 members of a hacker forum that essentially served as a marketplace of compromised passwords, stolen bitcoins, and other data has been leaked.
In what is certain to be seen with irony, a hacking forum has been hacked by a hacker which saw the details of hundreds of thousands of members leaked by the perpetrator.
The forum, called Nulled.IO is frequented by cybercriminals to trade and purchase stolen credentials, hacking tools, cracked software, and more. The forum has at least 473,000 registered users, according to one estimate.
A compressed archive file of 1.3GB is now freely available on a popular data breach sharing website on the clear web. Expanded, it turns out to be a massive 9.45GB SQL file named db.sql. The dump was discovered by security firm Risk Based Security.
The database altogether contains 536,064 user accounts with 800,593 personal messages between them. 5,582 purchase records and 12,600 invoices which included donation records were also found. The compromised accounts contain user names, email addresses, encrypted passwords, and IP addresses that were used during registration and registration dates.
A blog post by Risk Based Security reads:
When services such as Nulled.io are compromised and data is leaked, often it exposes members who prefer to remain anonymous and hide behind screen names. By simply searching by e-mail or IP addresses, it can become evident who might be behind various malicious deeds. As you can imagine, this can lead to significant problems for forum users.
Related read: CyberCrime Forum Darkode Taken Down
A quick search through the forum’s user-base sees a number of users registered with .edu accounts, suggesting that students or perhaps even academic staff of institutions are members of the cybercriminal forum.
A number of .gov email addresses have also been discovered from countries including the US. Brazil, Turkey, Malaysia and more.
The security firm added:
If law enforcement obtains this information, (which no doubt they already have) it can be used to filter out any “suspects” under investigation for possibly conducting illegal activities via the forums.
Image credit: Nulled.