A hacking platform known for stealing online account numbers and carrying out SIM swapping to control victims’ phones, has had a taste of its own medicine following a cyber-attack.

Hackers infiltrated Ogusers[.]com to compromise email addresses, encrypted passwords, IP addresses and personal messages belonging to around 130,000 of the platform’s users, KrebsOnSecurity reports.

The administrator at Ogusers recently revealed to users that a hard drive failure had deleted months’ worth of private messages, posts and rewards points and that back-up had been in place as of January 2019.

Users did not know, however, that the erasure happened at the same time as a major hack into the forum’s database.

On May 12th, two days after the Ogusers announcement, rival hacking community RaidForums said that they had published the Ogusers database and had made it freely accessible for download.

The RaidForums administrator known as Omnipotent, said:

“I have uploaded the data from this database breach along with their website source files. Their hashing algorithm was the default salted MD5 which surprised me, anyway the website owner has acknowledged data corruption but not a breach so I guess I’m the first to tell you the truth.

“According to his statement he didn’t have any recent backups so I guess I will provide one on this thread lmfao.”

The database, downloaded by KrebsOnSecurity, holds data including, usernames, email addresses, hashed passwords, messages and IP addresses of Oguser’s 113,000 users. The publication has caused a great deal of disruption on the forum, and many users saying they are now receiving phishing emails aimed at their Oguser accounts.


GDPR Summit Series is a global series of GDPR events which will help marketers to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond. Further information and conference details are available at http://www.gdprsummit.london/


comments powered by Disqus