Hacker Forums Hacked

Three of the longest running and most notorious Russian-language forums serving thousands of experienced cyber criminals have been hacked. Intelligence experts say they detected a breach of the 'elite' Maza cyber crime forum, previously known as 'Mazafaka', on 3rd March 2021. 
 
Maza is a highly-restricted Russian-language cyber crime form that has been in operation for many years, providing a communal service for some of the most sophisticated cyber criminals and financial fraudsters. 

The hack exposed information of thousands of forum members, including their user ID, username, email, password (hashed and obfuscated), certificate file names, certificate passwords and members contact information on Yahoo, MSN, Skype, and the audio to text conversion platform ICQ. 

The data breach at Maza comes after another major Russian-language forum 'Verified' suffered a compromise in February 2021. Tens of thousands of private messages between Verified users, including deposit and withdrawal information about Bitcoin, were reportedly stolen in this breach.Another Russian hacker forum, 'Exploit', is also reportedl to have been hacked, with one forum member warning other users to be careful with registered emails across multiple forums. 

The hack has left forum members worried that their data may be used by law enforcement agencies to discover their real identities.

In the case of Maza, somebody dumped a 35 page PDF file on the Dark Web containing usernames, redacted passwords and other details the personal information of forum members.Researcehrs from the leading threat intelligence form  Flashpoint say the leaked Maza database is legitimate and that Maza forum visitors were being redirected to a breach announcement page.

According to the Krebs on Security website, only intelligence services or people who know where the servers have the required skill and capabilities to disrupt criminal forums to that extent and it would appear that someone is purposefully undermining these forums.

In February, Dutch police reportedly posted "friendly" messages on two hacking forums, saying that "hosting criminal infrastructure in the Netherlands is a lost cause". The police messages were posted after 'Operation Ladybird', in which law enforcement agencies across several countries join hands to disable Emotet, one of the  most dangerous malware botnets, which has been deployed in a number of major criminal attacks on banks and other organisations. 

As part of that investigation, the Dutch National Police discovered a database containing email IDs, usernames and passwords stolen by Emotet.

Maza was hacked once before in  ten years ago when the data of more than 2,000 cyber criminal users, along with all of their forum correspondence was exposed

Brian Krebs:     Flashpoint:       Computing:      BankInfoSecurity:       ZDNet

You Might Also Read:

DarkMarket Taken Down:

 

« On International Women’s Day Only 10% Of Top Executives Were Female
European Banking Authority Attacked »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DoD Cyber Crime Center (DC3)

DoD Cyber Crime Center (DC3)

DC3 is a US Department of Defense (DoD) center of excellence for Digital and Multimedia forensics.

Promon

Promon

Promon is an application security vendor providing Self-Protection abilities to Mobile apps and Desktop applications.

Cofense

Cofense

Cofense (formerly PhishMe) is a leading provider of human-driven phishing defense solutions.

ABL Cyber Academy

ABL Cyber Academy

ABL provide certified training courses in the field of cyber security and IT project management.

Niagara Networks

Niagara Networks

Niagara Networks is a Network Visibility industry leader, with emphasis in 1/10/40/100 Gigabit systems and mission-critical IT and security appliances.

Suprema

Suprema

Suprema is a leading global provider of access control and biometrics solutions.

Pentagon Group

Pentagon Group

Pentagon Group is a provider of security services in high-risk environments, remote areas and emerging markets in support of land-based, aviation, maritime and cyber operations.

NSEIT

NSEIT

NSEIT offers end-to-end Information Technology products, solutions and services including cybersecurity to organizations in the financial sector.

TOAE Security

TOAE Security

TOAE Security is a trusted cyber security consulting partner helping today's leading organizations protect their most important assets from evolving cyber threats.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

FCI

FCI

FCI is a NIST-Based Managed Security Service Provider (MSSP) offering Cybersecurity Compliance Enablement Technologies & Services to Financial Services organizations.

Exium

Exium

At Exium we’ve integrated networking and security in a cloud-delivered Zero Trust platform powered by 5G and open source.

StrongBox.Academy

StrongBox.Academy

StrongBox.Academy provides cybersecurity training courses that are tailored to the specific needs and challenges of the industry.

Acumen

Acumen

Acumen's cyber security engineers protect your critical systems, in critical moments. We are here when you need us most.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ITButler e-Services

ITButler e-Services

At IT Butler, our mission is crystal clear: we are dedicated to providing top-tier cybersecurity solutions and best-practice methodologies to secure and enhance your digital infrastructure’s resilienc