A popular underground hacker forum used by cybercriminals to trade and purchase leaked data, stolen credentials and software cracks was recently breached.
According to Risk Based Security, hackers leaked a 1.3GB compressed archive containing a massive 9.45GB database file with the details of more than 536,000 Nulled.io user accounts, including usernames, email addresses, encrypted passwords, registration dates and IP addresses.
Furthermore, the data is also comprised of over 800,000 personal messages exchanged between site users and thousands of invoices, purchase records and even donations.
The security firm added the comprehensive data dump offers enough information to potentially match a member ID to the attached invoices, transactions and other content like member messages and posts.
“When services such as Nulled.io are compromised and data is leaked, often it exposes members who prefer to remain anonymous and hide behind screen names,” read a blog post by Risk Based Security.
“By simply researching by email or IP address, it can become evident who might be behind various malicious deeds. As you can imagine, this can lead to significant problems for forum users,” said Risk Based Security.
Researchers at the security firm analyzed the exposed email addresses and found that 19 accounts were registered with .gov domains from the United States, Philippines, Brazil, Turkey and more.
Although it is still unclear how the breach occurred, or who was behind the attack, experts believe the breach was caused by critical issues in the forum software, IP.Board.
Following the data breach, the Nulled.io website was taken offline. As of this writing, the site has yet to be restored.