Hacker Forum ‘OGUsers’ Hacked for the Third Time in Its History

• Someone has exfiltrated the ‘OGUsers’ database once again, selling its contents for $50 to $100.
• The hacker is even offering the entire database exclusively to the highest bidder.
• A Twitter user claiming to be the hacker is dismissing the event as an elaborate joke.

The ‘OGUsers’ hacking forum was hacked again, for the third time in its history, with the first being in May 2019. Back then, hackers from a competing forum accessed the forum’s backend and proceeded to leak sensitive details about the users and the things they bartered there.

This time, the hackers found it interesting to begin their bashing with an embarrassing defacement, informing everyone that the forum’s database has been exfiltrated and everything is for sale.

The price list given by the infiltrators is the following:

• $50 to remove account info and DMs from the upcoming leak.
• $50 to receive a user’s username, encrypted Argon2 password, email address, and IP.
• $100 to receive all DMs sent and received from/to a particular user.

The hacker is also accepting custom requests, like looking up certain values in the database. Finally, the crook also offers to sell the entire DB exclusively to someone and is willing to listen to offers, so no price tag was given for this.

The forum’s admin has confirmed the breach and assured the members that at least their passwords are not possible to break. However, the IP address and DM content could severely hurt the exposed individuals, especially if they failed to take proper anonymization measures like using a VPN to connect to OGUsers.

Remember, this is a marketplace where people sell and buy all kinds of stolen accounts, from social media to games. It is a rich place that has won its notoriety over the past couple of years, and it’s still the place to go for stolen accounts even though it gets hacked every now and then.

And as for the hacker who carried out the latest attack, he goes by the moniker “Disco,” which actually matches the nick of a previously banned OGUser who kicked off their own forum, emulating the popular marketplace. The hacker was approached by Brian Krebs on Twitter and told the reporter that he hacked OGUsers via an outdated plugin used on the site. He also clarified that he isn’t planning to sell the stolen user data and that it’s all a joke meant to poke the admins.