Over the past few weeks, two or three of the oldest and most respected Russian-language online forums serving many experienced cybercriminals have been hacked. In two attacks, the attackers made off with the forums' user databases, including email and web addresses and hashed passwords. Members of all three forums fear the incidents could serve as a Rosetta Stone for linking the real identities of the same users across multiple crime forums.
On Tuesday, someone exposed thousands of disguised usernames, email addresses and passwords that were apparently stolen from Mazafaka (also known as “Maza” and “MFclub”), a crime forum that has hosted some of the most experienced and well-known cyber thieves in Russia.
At the top of the leaked 35-page PDF file is a secret-level key allegedly used by Maza administrators. The database also contains ICQ numbers for many users. ICQ, also known as “I Seek You,” was an instant messaging platform trusted by dozens of early adopters before it went out of fashion in favor of a proliferation of private networks like Jabber and Telegram.
This is noteworthy because ICQ numbers associated with specific accounts often become reliable data that can be used to link one or more accounts to the same user across many forums and under different aliases over time.
Cyber intelligence firm Intel 471 considers the Maza database leak to be credible.
“The file contained over 3,000 lines of usernames, partially obscured verbose hashes, email addresses and other contact information,” notes Intel 471, adding that visitors to the Maza forum are now redirected to a whistle-blower page. “First investigate the data breach for probable authenticity, because at least some from the leaked datasets, each user correlates with our own datasets.”
The attack on Maza came just weeks after another major Russian crime forum was hacked. On January 20, the longtime administrator of the Russian forum Verified announced that the community’s primary domain registrar had been hacked and that the site’s domain could be redirected to an Internet server controlled by the attackers.
“Our Bitcoin wallet has been hacked. Fortunately, we do not have large sums, but in any case, this is an unpleasant event. When the circumstances emerged, management took action. may have lost forum accounts (unlikely, but no doubt about that). In our business, we had better be careful, so we decided to reset all codes. It shouldn’t matter too much, just use them and use them immediately.”
“We are receiving reports that all of the forum databases were quickly stolen when the forum was hacked. Passwords for all accounts have been artificially reset. Share this information with people you know. The forum was hacked through a domain registrar. First, the registrar was hacked, then the hosts of the domain name were changed and the traffic was listened to.”
On February 15, an administrator posted a message purportedly sent on behalf of the attackers, who claimed to have compromised the Verified domain registrar between January 17 and January 20.
“It should now be clear that the forum administration hasn’t done an acceptable job of enhancing the security of this thing,” said the attacker. “Probably just out of laziness, incompetence, or because they gave up. But the biggest surprise for us seemed to be that all of the buyer’s data was logged, including cookies, referral sources, IP domains upon first registration, web connection statistics and everything in between.”
According to other sources, hundreds of thousands of private messages have been stolen from Verified users, including information on Bitcoin deposits and withdrawals, as well as personal Jabber contacts.
The Maza and Verified compromises – and possibly that of a third major forum – have worried community members that their true identities might be revealed. Exploit – arguably the second largest and most typical Russian forum after Verified – also suffered an apparent compromise this week.
According to Intel 471, the administrator of the Exploit cybercrime forum stated on March 1, 2021 that the web hosting proxy the forum uses to defend against distributed denial-of-service (DDoS) attacks had been hacked by an unknown party. The administrator reported that on February 27, 2021, a monitoring system detected unauthorized access to the server through secure shell (SSH) and an attempt to dump network traffic.
Some forum members say these recent compromises appear to have been the work of a government advisor.
“Only the Secret Service, or people who know where the servers are located, can actually do something like this,” reflects an important achievement. “Three panels in the first month are really weird. I don’t think they are popular hackers. Someone is deliberately destroying forums.”
Others wonder out loud which forum will be next and complain about the loss of trust among users, which can be detrimental to business.
“Maybe consumers are working with logic,” wrote one Exploit user. “Of course, there will be no more forums, there will be no more trust between everyone, less interaction, more couples that are hard to find, less attacks.”
Update, March 4, 6:58 PM ET: Intel 471 reports that a fourth crime forum was recently affected. An excerpt from a blog post it just published about these events:
“In February, the administrator of another cybercrime forum, Crdclub, announced that the forum was currently under attack from that administrator’s account. Thus, the star behind the attack was able to trick forum customers into using a real money transfer service, which was apparently guaranteed by the forum administrators. It was a lie and it happened unknowingly. local budget, distracted from the forum. Forum administrators promised to pay compensation to many crooks. Other irrelevant information appears to have been compromised during your attack.”
A note posted by a major verified forum administrator about the work of their registrar in January.