OGusers, the forum known as a destination where its members buy, sell, and trade access to compromised social media accounts, was recently hacked for the third time. Users who visited the site about a week ago were met with a defaced website and messages taunting members that they could “have their profiles and private messages removed from an impending database leak by paying between $50 and $100.” No data has yet been leaked, but it seems as though a previous member of OGusers who is now banned may be behind the attack. “Disco” was reached out to via Twitter and he claimed to have hacked the site via an old plugin vulnerability that had gone unfixed for quite some time. He claims he has no plans of selling the database and it was done more as a joke because of an ongoing feud with the admin of OGusers.
Analyst Notes
The past two times OGusers has been hacked, the leaked data has been very useful for investigators to discover who was behind various scams leveraging high profile accounts on Twitter and other social media sites. It’s hard to feel bad for the OGusers’ members due to the fact that they are the ones normally doing the hacking themselves. When operating on these types of sites it is easy to run into trouble, and there is no guarantee that the site is securely maintained, so it is better to just avoid the sites altogether.
Source: https://krebsonsecurity.com/2020/12/account-hijacking-site-ogusers-hacked-again/
