A group of popular darknet hackers
going by the handle of Peace_of_Mind have hacked and defaced the
official website of w0rm.ws, an ‘invite only’ hacking and trading forum
that sells stolen data and exploits to buyers.
The
hackers left a deface page along with a brief message on the forum’s
homepage with personal details of a man named Sarpovu Nikolai alleged by
the hackers as the owner of the wOrm.ws forum. In other words, the
hackers have allegedly doxed the owner of the w0rm.ws forum. It is
unclear if Nikolai is the real owner of the forum but the deface page
has personal details about him. That includes his date of birth,
father’s name, mother’s name, nationality, residence permit and his
operating system.Hell is a darknet hacking forum which was hacked last year but surfaced back on the Internet earlier this year. However, when it comes to the leaked data we requested the data mining company Hacked-DB for a scan and here’s an in-depth data analysis.
Leaked data
In
total, the entire website data including files, databases, exploits
kits, user data including accounts, passwords, history, PMs, forum posts
and other sensitive data has been leaked.
The
hackers leaked forum’s database in a zip and SQL files. The very first
file available for download is ekit.sql which contains information
client-side exploits and details about exploits with Common
Vulnerabilities and Exposures (CVE) in text only from. The same file is
also a database for Hunter exploit kit. Furthermore, there are few links to third party exploit files.
Exploit Hunter kit
The
second file in the database is ”hunter_ek.tar.7z” which is actually
a full exploit folder of the targeted forum. It contains important
information about the database – showing that the forum successfully
created exploits for high-profile software including Adobe Flash player,
Internet Explorer, Microsoft Office and PowerPoint.
No comments:
Post a Comment