Nulled.io, a hacking forum on the dark net, has been hacked and the website’s entire user database has been leaked for all to see. Nulled is a forum on the dark web where cybercriminals buy and sell stolen credit card and ID data, malware creation kits, and cracks for common software platforms. An unidentified hacker group managed to breach the illegal website and published a 9.45GB SQL file named “db.sql” showing the messages, location data, and recent activities of the forum’s users. RiskBased Security made this statement about the case:
“Considering this forum promotes the sharing of these activities, it makes this breach quite ironic. Nulled.IO was running the IP.Board community forum commonly known as IP.b or IPb. It appears that the forum was also running an IP.Nexus Setup for its marketplace as well as VIP forums among a few other IPb plugins. While we do not have confirmation as to how this breach occurred at this point, there have been over 4,500 vulnerabilities to date in 2016, and with 185 total vulnerabilities in IP.Board (92 of them do not have a CVE by the way!) it is not hard to make a guess!”
The leaked data will be of great use to law enforcement authorities. Geo-location data for 907,162 posts is included in the leak, which could make police work even easier.
Interestingly, there are 20 .gov email accounts listed in the database, which could mean that there were state-sponsored hacking teams among the users of the forum, from countries including the United States, the Philippines, Brazil, Turkey and others.
The identity of the team that took down Nulled’s database is not known; however, it is possible that governments are taking a more aggressive approach toward websites associated with hacking activities.