On hacking-dedicated site Raidforums [.] Com was published a dump, containing data from more than 321,000 users of another hacker resource, Cracked [.] To.In general, according to the information of the leak aggregator HaveIBeenPwned, the dump posted on Raidforums is a database generated by the myBB forum. The database contains 749 161 unique email addresses, as well as IP addresses, usernames, private messages and passwords stored as bcrypt hashes.
Cracked.to describes itself as a forum that provides “cracking tutorials, tools, combolists, marketplace and many more stuff!” Raidforums, meanwhile, offers forums on the same topics.
ArsTechnica reporters who have already studied the leak, report that the 2.11 GB dump includes more than 379,000 private messages.
Many of these messages feature details that most hackers usually try not to disclose, in addition to usernames, email addresses, and IP addresses.
Having this information, it becomes possible to identify people who wanted to buy, sell or support software or services for hacking.
Read also: C&C server of the new version of Mirai hides in the Tor-network
Journalists point out that on Cracked [.] To very popular topics for discussion were transactions and hacking accounts for the Fortnite game. The site flourished selling already compromised accounts, as well as discussing special hacking software. Also on the site, for example, are advertised services for using CVE-2018-20250, a critical vulnerability in WinRAR found earlier this year.
“With no doubt, private messages being leaked in plaintext is the worst thing about the whole database breach.However as a forum owner you can’t really control what people are dealing with in DMs unless you look them up directly in the database”, — the administrator, who uses the handle floraiN, said.
How the Raidforums administration managed to get the database of another hacker resource is still unclear. The head of Raidforums, known under the pseudonym Omnipotent, succinctly told reporters that the case was not without an exploit, but did not specify.
Meanwhile, back in July 2019, Cracked [.] To operators recognized that backups of forums and databases fell into the hands of not sufficiently reliable people, after which resource administrators decided to switch from a weak default password hashing scheme to a more reliable solution and asked all users change passwords.
Thanks to this case, leaked passwords now are protected by bcrypt, so, cracking them will be expensive and long process.