Over 25 million users accounts breached hosted by Russian internet mail server mail.ru. Two hackers carried out an attack on three different gaming forum in July and August. One of the gaming forum alone accounted for almost half of the breached users details other gaming forum make up over 12 million of users accounts.
Which hackers team carried out this attack?
The hacker’s names aren’t known currently, but they were lucky to find SQL Injection in vBulletin forum software to get access to database. The databases were stolen in early August, according to breach notification site LeakedSource.com, which obtained a copy of the databases.
What those hackers got?
They were able to fetch usernames, emails, birthday and MD5 Hashes (Passwords). We’re not sure but we think they got every users IP addresses as well.
Hacker’s contacted cnet.com and told them about cracking users passwords, by using available cracking tools online. The encryption used by vBulletin is MD5. The group said that the most common four passwords were some combination of “123456789,” which in part made it easier to determine a significant portion of the leaked passwords.
The breach notification confirmed that it has added the breached data into its database, alongside another 2.3 million records from 10 other websites that the group bundled in with its blog post.
This is the latest hack in a long line of similar attacks on out-of-date and unpatched forums with widely known and glaring security flaws. Many of Mail.ru’s forums ran versions of vBulletin software dating back to early-2013.
It’s also not the first time that Mail.ru has suffered a breach this year. In June, the company — which also owns Russian social network VK.com — confirmed that it was also breached, albeit some years earlier when the site’s security was far more primitive.
A Mail.ru spokesperson did not comment by the time of publication. We’ll update if we hear back.