OGUsers, one of the most popular hacking forums on the internet, today revealed a violation, the second since 2019.
"It seems that someone was able to breach the server through a shell that he put in the avatar that he uploaded to the forum software. That's how he got access to our current database, "said Ace, the forum administrator.
The intruder is believed to have stolen information of the 200.000 users of the forum.
The briefing was detected by the data breach monitoring service.
Before the forum went offline, administrators said they would be resetting passwords and urged all users to enable moderation ID cardtwo-factor authentication (2FA) on their accounts, so that the data obtained is not used for account hijacking.
The site served as a training and meeting space hacker who were trying to organize SIM card attacks (SIM jacking).
The previous breach was in May 2019, when a hacker breached the OGUsers servers again, stealing details from 113.000 users the forum had at the time. But the attack did not stop there, since the hacker deleted the hard ones diskserver and later posted the stolen data on a rival hacking forum.