UPDATED 21:30 EST / DECEMBER 29 2020

SECURITY

Credit card details stolen in hack of Usenet site NZBGeek

NZBGeek, a popular Usenet site, has been hacked with user information including credit card details stolen.

It may surprise many that Usenet still exists in 2020. Established in 1980 as a precursor to internet forums, it was still somewhat popular through the mid-2000s for threaded discussions.

Although general use has massively dropped off — Slashdot declared Usenet dead in 2008 — it has still stuck around primarily for the distribution of pirated content. Indeed, it’s sometimes described as the best alternative to BitTorrent downloading.

NZBGeek was established in 2012 as a paid service that allows users to discover Usenet threads including pirated content. It’s regularly rated as being one of the best Usenet indexing services.

The hack of NZBGeek was announced on Dec. 27, with the hack said to include the theft of usernames, encrypted passwords, email addresses and credit card numbers. The hack involved the installation of a keylogger on the NZBGeek website. According to the operators of the site, the keylogger is believed to have been placed on the site on Nov. 20, so all users of the site since that time have potentially had their details stolen.

Speaking to TorrentFreak, an operator of the site who goes by the name Jeeves, said though the site itself does not store credit card details, the hackers used an SQL exploit to install a Javascript-based keylogger. A keylogger intercepts details after users enter them on a site.

The type of keylogger was not identified, but it sounds like a Magecart attack. In a typical Magecart attack, the skimmer is attached to the submit button on the checkout form on a targeted site. Once users click on a submit button, the code intercepts all customer information, then sends it to the hackers.

There is a long list of companies being targeted in Magecart attacks. Magecart first emerged in 2018 with an attack on British Airways Plc., spreading to Newegg Inc., the Infowars StoreCathay Pacific Airways Ltd.Ticketmaster Entertainment Inc., Macy’s Inc.Sweaty Betty and Oxo International Ltd., among others.

The operators of NZBGeek have recommended that users of the site since Nov. 20 take appropriate action, including reporting the potential theft of their credit card details to their card issuer to protect them from any unlawful charges. Despite user passwords allegedly being encrypted, the operators also recommended that those who use the same username/password combination on any other site should change them along with using two-factor authentication with their accounts.

Image: NZBGeek

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU