A self-styled “leaking and cracking discussion board” where users promote and share breached databases, stolen credentials, and pirated software was leaking the IP addresses of its logged-in users to the open internet, security researchers have found.
Leak Zone left an Elasticsearch database exposed to the internet without a password, according to researchers at UpGuard. In a blog post shared with TechCrunch ahead of its publication, the researchers said they discovered the database on July 18 and found its data was accessible to anyone with a web browser.
The exposed database contained more than 22 million records storing the IP address and exact timestamp of when Leak Zone users logged in. The records were dated as recently as June 25, and the database was updating in real time.
While the records weren’t linked to individual users, the data could be used to identify users who logged into Leak Zone without using any anonymization tools. Some of the records, seen by TechCrunch, indicate whether a user is believed to have logged in through a proxy, such as a VPN, which can help conceal the user’s real-world location.
Leak Zone, which gained popularity in 2020, advertises access to a “huge assortment of leaks starting from breached databases to cracked accounts,” referring to stolen credentials used for logging into a person’s online accounts. The forum also offers a marketplace that explicitly promotes “unlawful providers,” the site’s information reads. A page on Leak Zone’s website claims the forum has more than 109,000 users.
According to UpGuard, 95% of the records in the exposed database relate to Leak Zone user logins. The remaining data reference accounts associated with AccountBot, another site for selling access to compromised accounts used for streaming services.
TechCrunch verified that the exposed database was recording users logging into Leak Zone by creating a new account and logging in to the site. A corresponding record immediately appeared in the exposed database containing our IP address and the timestamp of the exact moment we logged in.
It’s not known why the database was publicly exposed. Human error or misconfigurations are often a cause of data exposures, rather than malicious actions.
TechCrunch was unable to contact the Leak Zone administrators for comment because the forum software denied our ability to send them messages. It’s not clear if the Leak Zone administrators are aware of the exposure or if they plan to notify their users about the security lapse.
The database is no longer online, UpGuard told TechCrunch.
In recent years, U.S. and international authorities have increasingly targeted cybercrime forums and websites for their roles in facilitating hacking, identity theft, and other criminal activity. This week, Europol announced it had arrested the alleged administrator behind XSS.is, a long-running Russian-language cybercrime forum, which the authorities also seized as part of a takedown operation.

