The notorious w0rm.ws forum was hacked recently by a hacker by the name of Peace_of_Mind. Peace_of_Mind is an active member of multiple Darknet markets and is known for selling the dumps of data breaches of MySpace, Twitter, Yahoo and LinkedIn.
W0rm.ws is a well-known hacking platform and “IT community” that was on an invite-only basis and provided exploits and malware. The hackers left a page with the personal details of Sarpovu Nikolai, the supposed owner of the forum that included his date of birth, parent’s name, residence permit and twitter handle. A message included on the page from the hacker stated, “Hacked by Peace of Mind for f****** with Hell Forum.” The Hell darknet forum was hacked in the past, but has since been relaunched. The w0rm.ws hack is believed to have been retaliation for the previous attack.
Hacked-DB a company that monitors cyber threats and detects potential threats targeting organizations released a statement regarding the data stating, “Based on the leaked information it seems that the forum was hacked due to the old version of VBulletin with known exploits. The data basically uncover registered user accounts along with their PMs and IPs which can provide the lead if an authority will try to pursuit them. In addition, there are privately traded databases which may be only accessible to the forum users.”
The vBulleting version 3.8.7 used with w0rm.ws is the same software that caused the breaches of Dota 2, Lifeboat and Grand Theft Auto gaming platforms. It is believed that up 323 users of the forum had their account information compromised including usernames, encrypted passwords, and personal messages.