WeLeakData data leakers get their private data leaked - by WeLeakData

News by Teri Robinson

A month after hacker forum WeLeakData.com was closed, the content of its database, including hackers’ private messages, is for sale on the dark web.

A month after hacker forum WeLeakData.com was closed, the content of its database, including hackers’ private messages, is for sale on the dark web.

Noting claims that the US FBI seized the forum, resulting in its closure, are unsupported, researchers at Cyble which identified and verified the database leak said, “After a brief time of being offline, allegedly, the site was sold to a new member of the forum, and came back online.” About the same time they observed “a new fork cracking site – leaksmarket.com which was strikingly the same site (operated by a new actor with no credibility), with all the same content,” leading them to believe the original WeLeakData database either had been compromised or rebranded by the original owner. “However, when they came back online in April, the second hypothesis got nulled, and we then had a high degree of the confidence level of a data breach, at one of the largest cracking communities itself,” researchers said in a blog post.

WeLeakData.com, which researchers referred to as a well-managed forum competitive with RaidForums traded in leaked databases, using third-party e-commerce platform Shoppy to upgrade memberships.

When Cyble researchers first accessed the database from a dark web market seller in April, they found it contained information, such as email addresses, usernames, passwords, private messages and IP addresses, on the forum’s members, “mostly researchers, hackers, cybercriminals and crackers.”

In April 2020, Cyble researchers managed to gain access to the WeLeakData.com database from a darkweb market seller and identified several interesting aspects from the database file.

The database includes interesting information of its members, who are mostly researchers, hackers, cybercriminals and crackers.

The reputation of the forum is undoubtedly there and is seen as a competitor to RaidForums. The business model of the forum was quite straightforward- it was mainly a criminal forum that specialises in the trade of leaked databases and uses the third-party e-commerce platform Shoppy for membership upgrades

Saying “there is no honour among cyber-thieves,” KnowBe4 security awareness advocate Javvad Malik pointed out, “All credentials and private data such as chat data has some value, and the private conversations of WeLeakData proves no exception.” And the breach demonstrates that no data is safe.

“The biting irony of the situation aside, the serious takeaway is that no data is safe,” comforte AG product manager Trevor Morgan said. “Not even the data generated, collected, and stored by the people engaged in intrusion and data theft, by those who know intimately how defence tactics can be overcome for their own purposes (and potential gain).”

The WeLeakData.com breach, Malik said, “should be a reminder for all organisations of all sizes and nature, that they should invest into cybersecurity, because even data which they feel may be of little value, always has value to criminals.”

First published by SC US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews