Posted on April 8, 2021 at 7:05 PM
Cybersecurity watch platform, Have I been Pwned, has revealed an enormous data breach on a well-known carding forum.
According to the report, the breach exposed users’ email addresses, IP addresses, usernames, and hashed passwords of over 500,000 users of the hacking forum, and about 300,000 have been affected.
The report also revealed that the operators of the forum are yet to notify the affected users.
Hackers advertising stolen data on other forums
Troy Hunt, the founder of Have I Been Pwned, has confirmed the authenticity of the compromised data. He stated that the forum recognized the stolen email addresses using the “forgot password” feature. However, it didn’t work when ransom email addresses were inputted.
A hacker seems to the advertising the stolen data on another hacking forum, according to the report. According to screenshots shared online by The Motherboard, the supposedly stolen database was 900 GB in size containing 130,000 threads and 660,000 posts. The report also stated that the hacker was offering the stolen data for free.
Carding Mafia, the victimized forum, is a forum where stolen credit cards are traded. The trend in cybercrime transactions has shifted to private messaging apps to avoid alerting security researchers and authorities who usually go straight to investigations to find out the cause of the situation.
Now, they try to circumvent these groups to stay in business for a long time.
Increase level of hacking on the darknet
In so many instances, hackers usually try to earn “street cred” or gain a reputation on the hacking forum by disposing of stolen data for free. They can take advantage of this reputation to ask for payment for data or even ask for premium prices. Sometimes they offer the stolen data for free if they have other more important data they want to offer for sale in the future.
The level of competition within these forums has increased, and threat actors and hackers are trying to outdo each other for more attention and more financial gains.
Reputation is a very strong point for decisions taken in the underground markets. Some threat actors have already built a reputation in the market over the years. They are now known as the go-to hackers for those looking for stolen data.
As a result, relatively unknown hackers find it very difficult to sell stolen data. They usually use data brokers and offer generous commissions for the sales.
Hacking forum Darknode was hacked in 2017 shortly after it was launched, while OGUSERS was breached twice in 2019 and 2020.
Security journalist Brian Krebs also revealed that three popular Russian darknet forums were recently hacked within a space of three weeks.
Hacker on hacker cybercrime is now a popular way to stifle competition from rival gangs that offer similar services. It is gradually turning into a guerilla online warfare among these cybercriminals who stop at nothing to stay ahead of others in the system.
But, users from where the data were stolen are the biggest losers in this game.
Users are now more exposed than ever before
It has increased the risks to victims when their data is exchanged with more criminals. But in another way, the constant exposure of the data by the cybercriminals could lead to their arrests through IP and email address tracing.
While law enforcement agencies can track a cybercriminal through their IP information, most hackers make use of VPN services to hide their real internet addresses. This makes it difficult for law enforcement to trace them.
Apart from using a VPN, most hackers now use email addresses that are untraceable when registering on hacking sites, making it even more difficult to trace them.
But most novice hackers are more likely to make mistakes that will expose them by registering on the carding forums using ream email addresses or logging in with their real IP address.
Sadly, the resources needed to track the cybercriminals, arrest and prosecute them fall beyond governments’ abilities.