San Francisco, April 7: Cybercriminal have broken into a fellow rival hackers forum that trades in stolen Instagram, Twitter and other accounts, and dumped the database on the Dark Web for all to grab. OGUsers is a forum where hackers come to trade SIM swappers' stolen phone numbers and Bitcoin accounts. According to the ‘Naked Security' team by cybersecurity firm Sophos, this is the second attack on OGUsers in the recent past, first spotted by data breach monitoring service Under the Breach. Microsoft, Zoom App Prone To Hacking; An Unpatched Bug Can Let Hackers Steal Users' Windows Password.
"Under the Breach tweeted a screengrab of a notice posted that day by OGUsers' admin, who goes by the username Ace. In that post, Ace claimed that a hacker successfully pulled off the breach by uploading a shell to the avatar uploading feature," said the Sophos team.
Within a few hours, a rival forum dumped OGUsers' database of about 200,000 user records. Those users' passwords apparently weren't encrypted, given Under the Breach's claim that over half of them had already been converted to plaintext as of the time the service posted. Ace announced in May last year that an outage had been caused by hard drive failure that erased months' worth of private forum posts and prestige points. Zoom Video Meetings Will Now Need Password Authentication; Is This The End of Zoom-bombing?
It later turned out that the outage coincided with the theft of the forum's user database and the erasure of its hard drives. Launched in April 2017, the forum is a market for buying and selling "OG" (original gangster) usernames which refer to usernames that are considered desirable, whether it's because they're short – such as @t or @ty. According to Motherboard, OGUsers have traded in hijacked social media accounts, as well as in PlayStation Network, Steam, Domino's Pizza, and other online accounts.
(The above story first appeared on LatestLY on Apr 07, 2020 11:54 AM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).