Approximately 113,000 forum users’ IP addresses, emails addresses, hashed passwords and private messages were exposed after an Account Hijacking Forum going by the name OGusers was hacked. The [.com] site is known for SIM swapping attacks used to gain control of victims’ phone numbers.
OGusers administrator announced to the forum members on May 12 that a hard drive failure had caused the loss of private messages, posts and prestige points. The data lost spanned several months thus the administrator restored a backup from January 2019. The may 12 data loss incident, however, coincided with the hacking of OGusers’ database and erasure of the forum’s hard drive.
The hack came to light on May 16 when the administrator of RapidForums (a rival hacking site) announced that he had published OGusers’ database for interested users to access for free. Although people couldn’t believe at first, availability of OGusers’ files in RapidForum site has confirmed that the it was not a hard disk failure but rather a hack.
While the passwords were hashed, MD5 encryption technique used to encrypt them is old and vulnerable thus can be easily decrypted. While exposing the hack, this is what this is what an administrator wrote on RapidForums, “I have uploaded the data from this database breach along with their website source files. Their hashing algorithm was the default salted MD5 which surprised me, anyway the website owner has acknowledged data corruption but not a breach so I guess I’m the first to tell you the truth. According to his statement he didn’t have any recent backups so I guess I will provide one on this thread lmfao.”
OGusers administrator upon learning about the hack argued that “you must realize other sites such as Twitter, Facebook, Dropbox, Forums you have used in the past, and many more have been breached at least once.” Although he sympathized with users.
Despite hacks being common lately, the public are amused that two hacking sites are taking on each other.