OGUsers, one of the most popular hacking forums on the internet, today revealed a violation, the second since 2019.
"It seems that someone was able to breach the server through a shell that he put in the avatar that he uploaded to the forum software. That's how he got access to our current database, "said Ace, the forum administrator.
The attacker is believed to have stolen information from the forum's 200.000 users.
The short announcement was spotted by the agency monitoringof data breach.
Before the forum went offline, administrators said they would be resetting passwords and urged all users to enable two-factor authentication (2FA) on their accounts to prevent the use of data that have been received hijacking accounts.
The site served as space training and meeting place for hackers who tried to organize SIM card attacks (SIM jacking).
The previous breach took place in May 2019, when a hacker again breached the OGUsers servers, and stole details from 113.000 users of the forum at the time. The attack did not stop there, however, as the hacker deleted the server's hard drives and later posted the stolen data to an adversary hacking forum.