Hacker Forums Hacked

Uploaded on 2021-03-12 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

Three of the longest running and most notorious Russian-language forums serving thousands of experienced cyber criminals have been hacked. Intelligence experts say they detected a breach of the 'elite' Maza cyber crime forum, previously known as 'Mazafaka', on 3rd March 2021. 
 
Maza is a highly-restricted Russian-language cyber crime form that has been in operation for many years, providing a communal service for some of the most sophisticated cyber criminals and financial fraudsters. 

The hack exposed information of thousands of forum members, including their user ID, username, email, password (hashed and obfuscated), certificate file names, certificate passwords and members contact information on Yahoo, MSN, Skype, and the audio to text conversion platform ICQ. 

The data breach at Maza comes after another major Russian-language forum 'Verified' suffered a compromise in February 2021. Tens of thousands of private messages between Verified users, including deposit and withdrawal information about Bitcoin, were reportedly stolen in this breach.Another Russian hacker forum, 'Exploit', is also reportedl to have been hacked, with one forum member warning other users to be careful with registered emails across multiple forums. 

The hack has left forum members worried that their data may be used by law enforcement agencies to discover their real identities.

In the case of Maza, somebody dumped a 35 page PDF file on the Dark Web containing usernames, redacted passwords and other details the personal information of forum members.Researcehrs from the leading threat intelligence form  Flashpoint say the leaked Maza database is legitimate and that Maza forum visitors were being redirected to a breach announcement page.

According to the Krebs on Security website, only intelligence services or people who know where the servers have the required skill and capabilities to disrupt criminal forums to that extent and it would appear that someone is purposefully undermining these forums.

In February, Dutch police reportedly posted "friendly" messages on two hacking forums, saying that "hosting criminal infrastructure in the Netherlands is a lost cause". The police messages were posted after 'Operation Ladybird', in which law enforcement agencies across several countries join hands to disable Emotet, one of the  most dangerous malware botnets, which has been deployed in a number of major criminal attacks on banks and other organisations. 

As part of that investigation, the Dutch National Police discovered a database containing email IDs, usernames and passwords stolen by Emotet.

Maza was hacked once before in  ten years ago when the data of more than 2,000 cyber criminal users, along with all of their forum correspondence was exposed

Brian Krebs:     Flashpoint:       Computing:      BankInfoSecurity:       ZDNet

You Might Also Read:

DarkMarket Taken Down:

 

« On International Women’s Day Only 10% Of Top Executives Were Female
European Banking Authority Attacked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Bsquare

Bsquare

Bsquare DataV software and engineering services help enterprises implement business-focused Internet of Things systems.

RSA Security

RSA Security

RSA provide cybersecurity products for Threat Detection and Response, Identity and Access Management, Governance, Risk and Compliance, and Fraud Prevention.

RU-CERT

RU-CERT

RU-CERT is the CSIRT / CERT team of the Russian Federation.

JPCERT/CC

JPCERT/CC

JPCERT/CC is the first Computer Security Incident Response Team (CSIRT) established in Japan.

Greenetics Solutions

Greenetics Solutions

Greenetics Solutions is a company focused on providing solutions for information security.

NJVC

NJVC

NJVC delivers IT automation, optimization and security to empower mission-enabling IT for customers with secure requirements.

Robert Walters

Robert Walters

Robert Walters is one of the world's leading global specialist professional recruitment and recruitment process outsourcing consultancies.

SOC.OS Cyber Security

SOC.OS Cyber Security

SOC.OS is an alert correlation and triage automation tool. It correlates and prioritises your alerts, boosting productivity, enhancing threat visibility and shortening mean time to respond.

TestArmy

TestArmy

TestArmy CyberForces provide you with a broad spectrum of cybersecurity services to test every aspect of your IT infrastructure security and software development process.

Horizon3.ai

Horizon3.ai

Horizon3.ai is a leader in security assessment and validation enabling continuous security overwatch from an attacker’s perspective through our NodeZero SaaS solution.

Bedrock Systems

Bedrock Systems

BedRock Systems is on a mission to deliver a trusted computing base from edge to cloud, where safety and security isn’t just a perception, it’s a formally proven reality.

eCloudvalley Digital Technology

eCloudvalley Digital Technology

eCloudvalley Digital Technology is a born-in-the-cloud partner focused entirely on AWS services across APAC region.

VAST Data

VAST Data

The VAST Data Platform delivers scalable performance, radically simple data management and enhanced productivity for the AI-powered world.

Alpha Echo

Alpha Echo

Specialising in security advice and enterprise-wide Cyberworthiness, Alpha Echo helps Australia deliver on cyber outcomes at a military grade level.

Sattrix Information Security

Sattrix Information Security

Sattrix Information Security understand the evolving threat landscape and provide businesses with comprehensive cybersecurity solutions.

Dream

Dream

Dream is developing an AI platform that enables cyber resilience and protects nations from hostile nation-states cyber attacks.