OxAlien, known for his high profile Virgin Radio Dubai hack is back in news by breaching into an Iranian based cyber crime and events archive website, as a result the database and 2000+ login accounts have been leaked online.
The site is not government owned yet contains massive data, exposing login details of site users.
The hacker contacted me on Twitter and explained why the site was targeted, a similar explanation can be found on Pastebin where the data was dumped. The message can also read below:
- The majority of the leaked accounts belong to Irani defacers.
- The owner sucks for scanning his website with Acunetix to expose the vulnerabilities (This explains why there are emails like “firstname.lastname@example.org”.
- The passwords might work on the emails so make sure to login on each and every email for maximum lulz. =)
After analyzing the dumped data, I have found sites’s database, site admin’s emails with encrypted passwords, emails and encrypted passwords of thousands of Irani based defacers and site users, most of leaked emails are from @yahoo.com @gmail.com and @hotmail.com.
Link of targeted site and dumped data is available below:
It seems the breach has massively affected the site as at the time of publishing this article, the website was down and displaying ‘maintenance’ message.