WEIGHT: 52 kg
Sex services: Sex oral without condom, Soft domination, Moresomes, Smoking (Fetish), Oral
A Bulgarian hacker has breached two online forums dedicated to sex workers, stolen user information, which he's now selling on a hacking forum. The two forums are EscortForumIt. Both were running outdated versions of the vBulletin forum software. The hacker told ZDNet this week in an email that he used a vBulletin zero-day CVE disclosed at the end of September to breach the two sites.
The hacker is now selling the data on a publicly-available hacking forum. Stolen data includes usernames, email addresses, and password hashes -- obtained from both forums, with 33k records from the Italian one, and k from the Dutch one. According to a sample of the data obtained by ZDNet, in the case of the Dutch forum, the hacker also appears to have gained access to the site's internal paid subscription system, although there was no financial information included in the sample we received.
The hacker, known as InstaKilla, is the same one who leaked the data of Bulgaria's National Revenue Agency NRA online in July -- although he was not responsible for the actual hack, but only for leaking it online. However, he is responsible for these two hacks, as long as others.
One of them is a breach of the Comodo's user forums. Another is a breach at Zooville , a zoophilia and bestiality forum. While this data is being sold now, this type of information usually finds its way into the public domain at one point or another. When that happens, users with accounts on the three adult-themed sites will be vulnerable to blackmail attempts.
This is not a hypothetical scenario. These types of extortion campaigns have happened in the past , especially after the Ashley Madison data breach. Dutch politician faces three years in prison for hacking iCloud accounts and leaking nudes. SAP has been left red-faced for allowing the security lapse to occur. One library was available for only two days, but the second was live for nearly a year. Amazon Detective to investigate security issues within workloads.