In association with heise online

19 May 2010, 17:12

Hackers penetrate Carder forum

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Padlock broken Hackers have penetrated German underground forum, copied login details, e-mail addresses and private e-mails from several thousand members and published them on RapidShare. According to a list seen by The H's associates at heise Security, the forum software had also logged the IP addresses of nearly one thousand members over a specific period. These have also been published.

The forum was used by criminals for various illegal activities, such as trading stolen credit card details and login details for online games. As well as posts from forum members, the SQL dumps from the forum application uploaded to RapidShare unfortunately also include a range of victim-related data.

The unidentified hackers may well be the same group which hacked the 1337-crew underground forum in late 2009 and likewise published the stolen data – in response, German police arrested a number of forum members and administrators.

This time around, the hackers have published information on how they hacked the site in a magazine-type format entitled 'owned and exposed'. They point out that their hack was made easier by the laxness of the access rights to the Linux system assigned by the administrator. Reportedly, all users had read access to the entire system including /root, and the web server account was set up as owner of all files.

In a German language message to their members, the group behind describes it as "a dark day for the scene" and apologises for logging IP addresses. They add that this was not done deliberately, but was the result of an error by administrator Zagerus, who has now been "suspended". They anticipate that only the team behind the site will be caught up in any legal investigations.

This strike against criminals who spend their time hacking other people's servers may give rise to a degree of malicious joy, but the hackers' actions have also resulted in data belonging to unwitting users being spread around the internet. It seems less a simple case of 'good vs. evil', more a conflict between competing groups with resultant collateral damage.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit