Clash of Kings official forum hacked, data of 1.6 million accounts leaked

[Petrovic]

An anonymous hacker said the assault was carried out by exploiting a known weakness in the forum's software.

 

The official forum for popular mobile strategy game Clash of Kings has reportedly been breached and the hacker has stolen about 1.6 million user accounts. According to data on breach notification site LeakedSource, the breach, which was allegedly carried out on 14 July, was able to steal usernames, email addresses, IP addresses, Facebook data and access tokens.

 

"Exposing vulnerable applications to the internet is like walking through the hall with a kick-me sign stuck on your back," Tripwire senior security researcher Travis Smith was quoted as saying by VentureBeat.

 

"Attackers can quickly search the Internet for any system with a known vulnerability, then use readily available tools to exploit and take over the system."

The forum is currently offline and "under maintenance" at the time of publication.

An anonymous hacker told Zdnet that the assault was carried out by exploiting a known weakness in the forum's software - an older 2013 version of vBulletin that includes multiple security flaws that can easily be abused to gain access to and swipe forum data using tools that readily available online.

 

The vulnerability was found using a technique called "Google dorking" which involves using search engines to find information that won't usually pop up in a normal search.

In 2013, an Iranian hacker was able to bust his way into a New York dam's computer system using the technique as part of a massive breach that amounted to millions of dollars in damages.

 

"With the steady release of patches across a multitude of operating systems and applications, it's incredibly difficult to stay ahead of the patching game," Smith said. "Actively scanning for known vulnerabilities against Internet accessible systems is an efficient way to be aware of what your vulnerable attack surface looks like. With this information the business can focus on installing patches and updates to address what is most important for the business."

 

The latest breach follows a series of cyberattacks against various developers in the gaming industry.

 

Hacker group OurMine, the team that recently targeted a long list of tech leaders and celebrities' social media accounts, recently claimed to have broken into popular world-building video game Minecraft's accounts, just days after they allegedly fired a series of DDoS attacks to bring down wildly popular mobile game Pokemon Go's servers. Last week, they also claimed responsibility for taking over Sony's Shuhei Yoshida's Twitter account as well.

 

In June, notorious hacking collective Lizard Squad claimed to have launched their own DDoS attacks to take down Blizzard's servers and prevent players from logging into its games.

Article source

[knowledge-Spammer]

much forums  have   vulnerability

was found using a technique called "Google dorking" which involves using search engines to find information that won't usually pop up in a normal search. lol

 

[knowledge-Spammer]

it make me think of

The popular hacker forum Nulled.io has been breached and its members’ details have been made public, Risk Based Security reported last week.

Nulled.io is a forum where roughly 500,000 users have discussed leaks, monetization methods, cracks, and coding. The website is also a place where people buy and sell services, products and compromised credentials.

On May 6, hackers leaked a 1.3Gb archive containing a 9.45Gb database file that stores the details of more than 536,000 Nulled.io user accounts, including usernames, email addresses, hashed passwords, registration dates and IP addresses.

Hackers also made available over 800,000 personal messages exchanged by the site’s users, and thousands of purchase records and invoices.

Nulled.io’s VIP users are also affected by the breach. The compromised database contains a table for VIP access payments, including IDs that can be matched to specific users, payment methods, dates, amounts, and PayPal email addresses. VIP users are probably displeased with the fact that they paid to access content that has now been made public.

Additionally, researchers found that the leaked data includes API credentials for payment gateways, authentication logs, geolocation data, and donation records.

Risk Based Security has analyzed the exposed email addresses and found that some of them are hosted on government domains from the United States, Philippines, Jordan, Brazil, Malaysia, Macao and Turkey.

It’s unclear at this time who is behind the attack and how they managed to obtain the Nulled.io database. However, experts noted that the forum is powered by the IP.Board forum software, which is known to be plagued by many vulnerabilities. Daniel Cid, founder and CTO of Web security firm Sucuri, noted last week that IP.Board forums had been targeted in attacks exploiting a recently disclosed ImageMagick flaw.

“When services such as Nulled.IO are compromised and data is leaked, often it exposes members who prefer to remain anonymous and hide behind screen names,” Risk Based Security wrote in a blog post. “By simply searching by email or IP addresses, it can become evident who might be behind various malicious deeds. As you can imagine, this can lead to significant problems for forum users. If law enforcement obtains this information, (which no doubt they already have) it can be used to filter out any ‘suspects’ under investigation for possibly conducting illegal activities via the forums.”

Nulled.io has been taken offline following the breach. The exposed credentials have been added to the Have I Been Pwned service, which allows users to check if their information has been exposed in a data breach.

 

https://www.nulled.to/ is back up again now but will never be like it was