The whole database for the infamous BreachForums v1 hacking discussion board was launched on Telegram Tuesday night time, exposing a treasure trove of knowledge, together with members’ info, non-public messages, cryptocurrency addresses, and each put up on the discussion board.
This knowledge comes from a database backup allegedly bought by Conor Fitzpatrick, aka Pompompurin. In 2022, after the RaidForums hacking discussion board was seized, Fitzpatrick launched BreachForums v1, which was later seized by the FBI after Fitzpatrick was arrested.
Fitzpatrick allegedly bought this database in July whereas he was out on bail. The information has since been circulating amongst completely different menace actors, with one making an attempt to promote it for $150,000 later that month.
Whereas the database was shared with Have I Been Pwned on the time, it was by no means publicly launched till this previous weekend.
Drip … drip … drip
For the reason that weekend, there was a gradual leak of knowledge from the BreachForums v1 database.
It began with the menace actor Emo releasing a restricted export of member knowledge, together with member names, electronic mail addresses, and IP addresses after they had been banned from the present incarnation of BreachForums.
Nonetheless, as infighting continued among the many BreachForum neighborhood members, Emo leaked your entire database Tuesday night time, exposing an amazing quantity of further knowledge.
“Discover enclosed the total BreachForum v1 database, each report as much as November twenty ninth, 2022,” Emo posted to Telegram.
“This database consists of the whole lot, Personal Messages, Threads, Fee logs, detailed IP logs for every person, and so on. I initially solely leaked the person desk to discourage it from being bought behind the scenes by BreachForum employees, nonetheless it is turn into obvious that so many individuals have the database now that it being leaked is an inevitability.”
“This can give everybody an opportunity to assessment their data and repair holes of their OPSEC.”
Supply: BleepingComputer
BleepingComputer has obtained the database and, primarily based on timestamps within the database data, can affirm it’s a complete backup of the MyBB discussion board that was created on November twenty eighth, 2022, at roughly 7 PM ET.
The database accommodates all of the discussion board knowledge, together with members’ hashed passwords, non-public messages between customers, cryptocurrency addresses used to buy discussion board credit, and each put up on the positioning.
The non-public messages are significantly damaging, with menace actors messaging one another about their exploits, expressing a need to buy entry to networks, or looking for entry to the newest stolen knowledge.
Supply: BleepingComputer
The information additionally consists of cryptocurrency addresses used to buy web site credit, which allowed members to view content material hidden in discussion board posts.
These addresses will permit crypto intelligence companies to tie historic cryptocurrency funds to particular menace actors.
Whereas legislation enforcement already has this database after they seized the positioning and arrested its proprietor in 2023, different menace actors, journalists, and researchers haven’t seen it till now.
Although the information is sort of two years previous, it’s going to nonetheless be an operational security (OPSEC) check for a lot of menace actors who frequented the boards.
OPSEC is a technique used to guard delicate info that could possibly be utilized by adversaries to realize a bonus or determine you.
Did the hacking discussion board members adequately carry out OPSEC through the use of VPNs or Tor when connecting to the positioning, utilizing privated electronic mail addresses, or correctly hiding their identities?
Solely time will inform as researchers and journalists use this knowledge to construct menace actor profiles that tie them to different malicious exercise.
