It is unclear who hacked these forums but insider discussion believes government authorities were behind the attack as a “friendly warning” message.
Maza hacking forum, previously known as Mazafaka has suffered a data breach in which unknown hackers have leaked around 3,000 login credentials and other sensitive data of its registered users.
Maza is an infamous platform known for trading stolen financial information especially credit and debit card details. The specific term of this criminal activity is carding meaning trafficking of credit card, bank account, and other personal information online.
As for the recent incident, Hackread.com was contacted by an anonymous user with a set of records apparently belonging to users on the Maza hacking forum.
The user also shared inside screenshots showing the forum’s moderators acknowledging that one of their accounts going by the handle of “mak” was compromised on February 12th, 2021 leading to suspicious activity on the forum. The moderator also claimed that the attackers couldn’t access its entire database.
However, the group behind the attack posted a warning text that said “Your data has been hacked and the data shared by the anonymous user with Hackread.com shows some data was indeed stolen.
- User ID
- Email addresses (around 3,000)
- Hashed passwords
- Skype addresses
The leaked information also included a private encryption key supposedly used by the MAZA administrators.
Moreover, ICQ numbers are also part of the leaked database. This is significant because ICQ numbers linked to particular accounts are a resourceful data point that security researchers can use to triangulate multiple accounts to the same user over the span of various forums and nicknames used by the user.
Similarly, another infamous forum Verified was also hacked, and the site redirected to an Internet server completely under the control of the hackers.
These attacks on such high-profile forums are crucial, as they concern the members who are a part of this forum community; the fear of their real-life identities being exposed.
Some members of the compromised forums have even theorized these attacks were carried out by a government agency. This is interesting especially considering law enforcement authorities are now posting “friendly” warnings on hacking forums to avert activities that are illegal.
One such example is Dutch police who, last month, posted warning messages on Raid Forums and the popular Russian language hacker forum XSS.IS urging users to refrain from online criminal activities.