Hackers Target Russian Cybercrime Forums

Hackers Target Russian Cybercrime Forums

Elite cybercrime forum Maza aka MFclub has been taken over by hackers, according to new research by risk intelligence company Flashpoint.

360 Mobile Vision - 360mobilevision.com North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - 360mobilevision.com is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

The Russian-language forum, which was originally known as Mazafaka, has served thousands of cyber-criminals since its launch in 2003. 

“Little is known at this time about the attackers who successfully compromised Maza,” wrote Flashpoint researchers. But thanks to the data allegedly leaked in the attack, quite a lot has come to light about the site’s users. 

Among the allegedly leaked Maza data obtained by Flashpoint analysts was user IDs, usernames, emails, passwords, and details for AIM, Yahoo, MSN, and Skype. 

“While the compromised data appears to be extensive, it’s worth noting that the passwords have been hashed and most other data fields included in the dump have been hashed or further obfuscated,” wrote researchers.

Cyber-intelligence firm Intel 471 said that the leaked files comprised more than 3,000 rows of information and that claims that the database belongs to Maza appear to be legitimate. 

Whoever was behind the cyber-attack did not attempt to keep it on the down low, opting instead to post a warning on the forum that read “Your data has been leaked” and “This forum has been hacked.”

The incident is the third attack on Russian-language online forums used by cyber-criminals this year. Verified was compromised on January 20, 2021, when the forum’s domain registrar was hacked, and another online community, Exploit, was the target of an unsuccessful Distributed Denial of Service (DDoS) attack.

Flashpoint analysts have observed Exploit users discussing whether the string of attacks is a new tactic by law enforcement to make it harder for criminals to communicate by sowing the seeds of distrust among forum users. 

The company said it is “actively monitoring cybercriminal discussions of Maza across the entire cybercriminal forum ecosystem commenting on the recent disruptions to many elite services and communities.”

This latest incident is not the first time Maza has been hacked. On February 18, 2011, the data of more than 2,000 cyber-criminal users, along with all of their forum correspondence, was exposed. 

By admin