BreachForums disclosed that the data breach was carried out by a rival hacker forum, which exploited a zero-day vulnerability in MyBB, the free and open-source forum software.
In a recent exclusive report by Hackread.com, it was revealed that BreachForums has made a comeback under the control of the notorious ShinyHunters hackers, who are collaborating with the original moderator team from the original BreachForums.
This comes after the old forum was seized by the FBI and its alleged owner, PomPomPurin (real name: Conor Brian Fitzpatrick), was arrested in New York. Fitzpatrick was arrested by a team of investigators at his home in Peekskill, New York and charged with a single count of conspiracy to commit access device fraud.
Now, the revived forum has fallen victim to a data breach, resulting in the exposure of personal information belonging to more than 4,000 registered members. Initially, the identity and motives of the hackers behind this breach were unclear, given the complex dynamics involving security agencies and the past and current administrations of BreachForums.
Hackers vs. Hackers
However, during a communication on Telegram, one of the forum’s administrators known as “Weep” confirmed the occurrence of a cyber attack. Weep addressed the members of BreachForums and attributed the data breach to a rival forum called OnniForums, which prides itself as a dark web forum focused on security and anonymity.
Weep urged the forum members to reset their passwords and disclosed that the breach was facilitated by exploiting a zero-day vulnerability in MyBB. It is important to note that the BreachForums had been offline since the early morning of Monday, June 19th, 2023, but at the time of writing, the forum was back online.
Meanwhile, tweets allegedly from the official Twitter account of OnniForums have claimed responsibility for the attack. Another tweet from the same forum’s handle asserts their involvement in breaching another hacker forum known as “Exposed.” Notably, in May 2022, a partial database containing details of 460,000 members from the now-seized RaidForums was leaked on ExposedForum.
The Leaked Data
While uncertainties persist, initial analysis suggests the authenticity of the leaked data. The compromised information includes the following:
- Login keys
- Email addresses
- IP addresses
- Password hashes
- Registration dates
- Members’ last visits and posts.
- Number of posts and, last activity
- Social media handles with profile links and more.
BreachForums, notorious for its role in facilitating discussions and trade of stolen data, has once again become a focal point for cybersecurity concerns. The return of the forum, coupled with this recent breach, underscores the ongoing challenges faced by online communities in safeguarding user information and preventing unauthorized access.
If the personal data of cybercriminals is leaked online, it can have several potential outcomes. First and foremost, their identities and activities may be exposed to law enforcement agencies, making it easier for authorities to track and apprehend them. This can significantly impede their ability to continue engaging in illegal activities anonymously.
Furthermore, their reputation within the cybercriminal community may be tarnished, resulting in diminished trust and collaboration with other hackers. The leaked data could also provide valuable insights and intelligence to cybersecurity professionals, allowing them to better understand cybercriminal tactics and develop stronger defence mechanisms.
Overall, the leakage of personal data belonging to cybercriminals can have a substantial impact on their operations and make it more difficult for them to operate clandestinely.