Advertisement

Hackers turn tables on account hijackers by stealing forum data

It might be a form of poetic justice.

Online account hijackers received a taste of ironic punishment this week. KrebsOnSecurity has learned that hackers stole the database from the popular hijacker forum OGusers on May 12th, obtaining email addresses, hashed passwords, IP addresses and private forum messages for 112,988 accounts. The administrator initially told users that a hard drive failure had wiped out the information and forced the use of a backup, but that tall tale fell apart when the administrator of a rival forum made the data public.

The incident reportedly sparked chaos, with users receiving phishing emails. The main OGusers administrator even turned off self-bans so that users couldn't leave and theoretically cover some of their tracks.

The hack's consequences could extend significantly beyond giving account thieves and SIM hijackers a taste of their proverbial medicine. There's a real chance law enforcement has its hands on the forum data. This could lead to more arrests, not to mention leads on existing cases. Don't be surprised if some of the users go quiet, or at least scramble to change email addresses and logins.