You are here

HomeJohn Lister › Irony Strikes As Hacking Site Hacked

Irony Strikes As Hacking Site Hacked

John Lister's picture
by John Lister on May, 18 2016 at 12:05PM EDT

A major website used by hackers to exchange stolen data has itself been hacked. The breach has exposed hundreds of thousands of user accounts.

The site called "Nulled" hosted discussion forums for users to exchange tips on how to hack into websites. It also included a section for buying and selling data such as stolen account information. Ironically, given the new development, the site had the slogan "Expect the unexpected." At the time of writing, the site was offline for "temporary unscheduled maintenance," with its database leaked onto other websites for download.

It appears that whoever attacked the site took advantage of a flaw either in the message board software or "plugins" that can be added to the software for special features such as financial transactions.

Entire Forum Database Breached

The Risk Based Security website reports that the attackers stole a 9.45 gigabyte database file that appears to be the complete database of the message board. That includes personal details such as user names, email addresses and the IP address of the computer each user connected from when they signed up. (Source: riskbasedsecurity.com)

The database also includes each user's chosen password for accessing the site, though this was stored in encrypted form. This has been described as a weak hashing encryption, meaning the attackers may well be able to decrypt the passwords, but would take some time to do so.

Also in the file is a complete copy of every post made on the site, including those in a VIP section only available to paid subscribers, along with private messages sent between users. As Risk Based Security points out, the exposure of the VIP section content means its highly unlikely anyone would ever think it worthwhile paying for access on the site again, which may destroy the site's business model.

Cybercrime Cops Will Relish Revelations

The data from the section for financial transactions does include some account details such as the email addresses used for PayPal payments, though not enough information to allow these accounts to be used without authorization.

It's likely the user registration details that will be the most serious breach for users. Law enforcement that have tried to previously track down 'hacker suspects' may be able to use the database to find proof that particular individuals have effectively admitted to illegal activity. (Source: bbc.co.uk)

What's Your Opinion?

Do you have any sympathy for the users of the hacked hacking site? Can the attack be justified or do two wrongs never make a right? Were the users naive to talk about hacking in a forum that ran using vulnerable software?

Filed under:
Security
| Tags:
user
,
site
,
database
,
null.io
,
hacked
Rate this article: 
Average: 4.9 (11 votes)

Comments

Dennis Faas's picture

Submitted by Dennis Faas on Wed, 05/18/2016 - 12:58

Interesting - according to riskbasedsecurity.com, the forum used on null.io's website had 185 vulnerabilities so far 2016 - that's a heck of a lot of bugs. It should be noted that no software is immune to vulnerabilities, so just because this was a 'hacker' site does not mean they are invincible. As long as an exploit is accessible, then any site / machine can be hacked.

gbruce40_3626's picture

Submitted by gbruce40_3626 on Wed, 05/18/2016 - 20:12

I have no sympathy for the users of the hacked hacking site, they were trying to get information to hack us.

I really think this hacking business is getting worse and will ultimately result in closing down the internet. To begin with the insane method of using passwords to sign in to legitimate websites like this one, just does not work. Some bright spark has to come up with a more secure method and those writing the code for websites have to up their abilities.

alan.cameron_4852's picture

Submitted by alan.cameron_4852 on Thu, 05/19/2016 - 06:24

@gbruce40_3626 Yes I agree but hope is in sight.
Check out the project SQRL https://www.grc.com/sqrl/demo.htm
Steve Gibson has spent almost 3 years developing this with assistance from the many supporters in the grc.com news group.
The details of the project can be found by clicking in the links at the bottom of the page.

Need Help? Ask!



My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).

We are BBB Accredited

We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.