UPDATED 21:22 EDT / DECEMBER 02 2020

SECURITY

Stolen credentials forum OGUsers hacked again with user data stolen

Stolen credentials forum OGUsers has been hacked again, with user data stolen — a case of hackers being hacked.

First reported today by Krebs on Security, the hack is said to have taken place about a week ago with the front page of OGUsers defaced with a message stating that the forum’s user database had been compromised. The hack was confirmed by the forum’s administrator, who claimed that passwords were protected with “password obfuscation technology” that’s extremely difficult to crack, likely referring to encryption.

When OGUsers was hacked in May 2019, those behind the attack published the stolen user data on another forum. But the person behind the new hack has not yet released the database. A person claiming to be the hacker is instead taunting forum members, saying they can have their profile and private messages removed from an impending database leak for a payment of between $50 and $100.

Krebs on Security noted that the previously leaked databases — the site was also hacked in March 2020 — have been useful in tracing who’s behind high-profile incidents involving social media accounts and virtual currency heists that involved SIM swapping. In one case, data previously leaked in part led to the conviction of a 21-year-old Irish hacker earlier this month.

Erich Kron, security awareness advocate at security awareness company KnowBe4 Inc., told SiliconANGLE that this is a lesson that if you want to serve a community related to cybercrime, you can expect to be a target yourself, especially by competing services.

“The tactic they are using is suspiciously like what we see in ransomware attacks where data is exfiltrated,” Kron said. “It’s not the first time we have seen cybercriminals shake down the customers of an organization to prevent their data from being made public, but this is a fairly unique venue for this sort of tactic.”

Paul Bischoff, privacy advocate at tech research firm Comparitech Ltd., suggested that the hack of OGUsers is probably good news for social media users.

“The hack diminishes forum members’ trust and will likely result in some users leaving OGUsers,” Bischoff explained. “If I was using a forum that got hacked three times, I certainly wouldn’t stick around.”

Image: OGUsers

A message from John Furrier, co-founder of SiliconANGLE:

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+  
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+ 
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.