Cybercrime forum OGUsers gets hacked, attackers steal data

  • Compromised data includes usernames, email addresses, hashed passwords, private messages and IP addresses of around 113,000 users.
  • The online forum is widely used by people involved in account hijacking as well as those who carry out SIM swapping attacks.

OGUsers, an online cybercrime forum known for selling account credentials, was hacked by attackers. The forum was breached on May 12 in what was at first reported as a case of an outage.

In addition to causing the outage, attackers also stole user data in the breach. Compromised data includes usernames, email addresses, hashed passwords, private messages, and IP addresses.

A close look

  • According to KrebsOnSecurity which reported on the hack, the breached database contained user data of around 113,000 users of the forum. A copy of the database was obtained by KrebsOnSecurity from another hacking forum ‘RaidForums’, which made the data available for free to download.
  • On May 12th, 2019, OGUsers had earlier mentioned that the forum was down due to an outage. The administrator of the forum said that a hard drive failure had erased private messages, forum posts, and prestige points.
  • Post the hacking incident, users of the forum have also complained that the admin of OGUsers changed certain functionality to prevent them from deleting their accounts.

Competitor forum spills the data

As mentioned earlier, the hacking community RaidForums put up the data of OGUsers for free on its forum.

“I have uploaded the data from this database breach along with their website source files. Their hashing algorithm was the default salted MD5 which surprised me, anyway the website owner has acknowledged data corruption but not a breach so I guess I’m the first to tell you the truth. According to his statement he didn’t have any recent backups so I guess I will provide one on this thread lmfao,” read the message by RaidForums’ administrator Omnipresent.