straycat19 Posted October 27, 2017

Extortion can also be funny when it happens to the bad guys, and there's one extortion attempt going on right now that will put a big smile on your face.

The victim is Basetools.ws, an underground hacking forum that allows users to trade stolen credit card information, profile data, and spamming tools. The site boasts to have over 150,000 users and over 20,000 tools listed in its forums.

Earlier this week, on Tuesday, an anonymous user appears to have breached the site, and uploaded samples of its database online, along with a ransom demand. The attacker is asking for $50,000 or he'll share data on the site's administrator with US authorities, such as the FBI, DHS, DOJ, and the DOT (Department of Treasury).

To prove the validity of his claims, the hacker shared an image of the Basetools admin panel and an image containing the site admin's login details and IP address.

In addition, the hacker also dumped tools that Basetools users were selling on the site, such as login credentials for C-Panel accounts; login credentials for shells, backdoors, and spambots hosted on hacked sites; credentials for RDP servers; server SSH credentials; user data leaked from various breaches at legitimate sites; and many more.

As soon as the ransom demand and accompanying data were published online, the Basetools portal went offline and entered maintenance mode.

"Yeah, the fact that site is down right now certainly doesn't look good for them," security researcher Dylan Katz told Bleeping Computer today regarding the possibility of the ransom demand being a fake breach.

Nonetheless, "50k is a pretty steep ransom, seeing as the damage has already been done," Katz added.

But financial gain is not the only motivation behind this hack. According to other text included in the ransom demand, the hacker also appears to have carried out the hack out of revenge, claiming the site's operator has been manipulating stats.

"Basetools.pw is manipulating EARNING STATS & RESELLER STATS, Owner of this market has opened a reseller with name RedHat which always stays in First Place," the text reads.

Lots of sensitive data leaked online

Despite the "small potatoes" feel that you get when reading about a breach at a hackers' forum, this security incident is quite of note.

All the Basetools seller data that was supposedly being sold on the forums before the hack is now online and easily accessible to anyone. This means that credentials for thousands of servers are now within easy reach of anyone who knows where to look for them.

Other hackers could take over these servers and deploy them in spam, malware hosting, or other malicious campaigns. The owners of these services will need to be notified so they can change credentials and clean up affected systems.

Furthermore, Katz has also identified user data that appears to come from services that have not previously announced they suffered a data breach. These services will also need to be notified so they can investigate any potential breaches, and reset passwords for affected accounts.

Katz is currently processing the leaked data and intends to reach out to some of the affected parties.

Administrator DKT27 Posted October 27, 2017

Funny and sad too. It's good to hear that hackers got hacked. It's sad to hear that credentials of hacked sites are so easily available on it.

steven36 Posted October 27, 2017

Any hackers dumb enough to store info on the clearnet that another hacker can easily steal have to be questioned about whether they are real hackers or not. You know how easy it would be for the feds to take over their forums? They have even been able to take over sites on the darknet before, so anything on the clearnet would be a walk in the park. This is one of the problems with an open Internet: it doesn't matter where the server is, the state hackers can take it over if they have a reason, and being a hacking forum would put you at the top of their list. Only a few countries have closed off their Internet to the point that it would be hard for this to happen.

I doubt the state hackers need a blackhat to help them out; most likely this forum is already under investigation if they have anything of interest to the feds on it. The feds most likely know who the owner of this forum is already. They knew who ran KAT for years before they took the guy out. If that hacker figured out the owner's name, it just means it's a matter of public record somewhere, is all. People thinking they're in private on the clearnet is the biggest mistake 90% of people make.

Real hackers don't trade hacking tools on the clearnet nowadays, everyone knows this. They use the darknet to do this, and this is not even safe from a fed making a buy and taking one of them out. All Basetools could be is a bunch of wannabe script kiddies. Anyone in this day and age of encryption and decentralized methods trading hacking tools on the open Internet needs their head examined. People coming on the clearnet and talking about stuff that goes on on the darknet on a public forum has sparked many investigations and got many dark market sites closed down.

Quote:
“We have previously forecasted the potential shift from centralized marketplaces to more decentralized models, and the conditions that would have to exist for this to become a reality,” the researchers noted. “The attempted extortion of Basetools, and in particular the allegations of an admin manipulating vendor ratings is yet another reason for cyber-criminals to reconsider the idea of a centralized market. In a decentralized model, the risk of this occurring would be reduced. While the conditions for a decentralized model taking the lead may not yet be there, this may take us one step further.”
https://www.infosecurity-magazine.com/news/dark-web-marketplace-extorted/

All this hacker is doing by exposing this forum's database to try to make a profit is driving hackers further underground, where it will make it harder for them to be caught. This even happened to warez sites once before: everything was in the open, then everything went underground for a while, and then it came back in the open. Sooner or later it most likely will be driven back underground again.

Nnsane Posted October 29, 2017

Not true!

percuma88 Posted October 30, 2017

Still in Maintenance Mode . . .