- Joined
- May 15, 2016
- Messages
- 14,040
- Likes
- 2,643
- Points
- 1,730
The stolen data the criminal put up for sale on a public hacker forum.
The Bulgarian cybercriminal hacked online forums EscortForumIt.xxx (Italy) and Hookers.nl (Netherlands) on sex services and stole personal data from more than 333 thousand resource users. The stolen information the attacker put up for sale in one of the public hacker forums.
Affected forums were based on outdated versions of the popular forum engine vBulletin. Recall that at the end of September, information and a PoC code for a critical vulnerability in vBulletin (CVE-2019-16759) was published on the Web, the operation of which allows you to enter commands and remotely execute code on the system. Soon, the developers of the forum engine released an update that fixes dangerous vulnerabilities in software.
According to the publication ZDNet, stolen databases include logins, email addresses and user passwords. The organizer of the hack is someone known as InstaKilla, a cybercriminal who previously posted on the web the data of the Bulgarian National Revenue Agency (National Agency for come). Note that InstaKilla did not actually hack the agency’s website, but only published data on the Internet. In addition to hacking the EscortForumIt.xxx and Hookers.nl forums, the attacker is also responsible for compromising the Comodo Forums and leaking user data.
According to the publication, InstaKilla offers personal data of users of not only the specified forums, but also more than 10 others working on the basis of vBulletin (which ZDNet does not specify exactly).