U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Peace_of_Mind hacked the hacking forum w0rm_ws and doxed its alleged owner

The notorious hacker Peace_of_Mind has hacked and defaced the official hacking and trading forum w0rm.ws and doxed its alleged owners. ‘Peace_of_Mind‘ (PoM) is a very active actor in The Real Deal Market and The Hell black markets, he offered for sale the dumps from clamorous data breaches, including Yahoo, LinkedIn and MySpace The w0rm.ws a famous hacking platform, it is an ‘invite only’ […]

Peace_of_Mind hacked the hacking forum w0rm_ws and doxed its alleged owner

The notorious hacker Peace_of_Mind has hacked and defaced the official hacking and trading forum w0rm.ws and doxed its alleged owners.

Peace_of_Mind‘ (PoM) is a very active actor in The Real Deal Market and The Hell black markets, he offered for sale the dumps from clamorous data breaches, including Yahoo, LinkedIn and MySpace

The w0rm.ws a famous hacking platform, it is an ‘invite only’ hacking and a trading forum where it is possible to sell and buy exploits and stolen data.

Peace_of_Mind has defaced the website and leaked on its homepage the personal information of the alleges mastermind behind the hacking service, Sarpovu Nikolai.

The home page w0rm.ws was displaying Nikolai’s personal details, including date of birth, father’s name, mother’s name, nationality, and residence permit.

w0rm-matermind-peace_of_mind

 

The hacker published the following message on the defaced homepage:

“Hacked by Peace of Mind for fucking with Hell Forum”

a circumstance that suggests a dispute between the underground hacking forums The Hell and wOrm.ws.

Also The Hell was hacked in the past, last year unknown crooks breached it and leaked its data, the hacking forum appeared back on the underground earlier this year.

Back to the w0rm.ws case, the colleagues at the Hackread.com published an interesting analysis made by Hacked-DB data mining company on the leaked data.

The main folder of the wOrm.ws, w0rmws.tar.gz, forum reveals that the hacking forum was running on an outdated and vulnerable version of the vBulletin CMS (version 3.8.7). The analysis of the content of the folder allowed the experts to find an email contact and a secret key for the Google captcha.

“Based on the leaked information it seems that the forum was hacked due to the old version of VBulletin with known exploits. The data basically uncover registered user accounts along with their PMs and IPs which can provide the lead if an authority will try to pursuit them. In addition, there are privately traded databases which may be only accessible to the forum users.” reported Hacked-DB.

The researchers at Hacked-DB have discovered that the administrator of the forum was using the Hunter exploit kit, the same used by The Hell and revealed after the data breach. On of the file included in the folder contains server login and timestamps details, it is not clear if they belong to the administrator of the platform.

The experts also found data related to 323 users of the forum, the records include username, encrypted password and personal messages sent by users to the forum admin.

The data dump included users’ activities and transactions successfully completed by the administrator of the forum since its launch:

Stay tuned!

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Peace_of_Mind, criminal underground)