We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

120k Hacking Forum Account Credentials Stolen by Info-Stealers

120k Hacking Forum Account Credentials Stolen by Info-Stealers
Zane Kennedy Published on 16th August 2023 Cybersecurity Researcher

In an analysis, cybersecurity firm Hudson Rock found that hacking forum credentials associated with 120,000 computers were compromised by info-stealer malware.

Researchers analyzed one hundred prominent cybercrime forums, and found within its intelligence database — which boasts data from more than 14.5 million machines afflicted by information-stealing malware — that a staggering 120,000 infected computers had credentials on these websites.

The extent of the pilfered data from these compromised machines is profound. Information stealers, which are malware that infiltrate systems to extract sensitive data, provide a goldmine of personal details. Researchers found that compromised data included secondary credentials (such as additional email addresses and usernames), auto-fill data including names and addresses, and system information like IP addresses and computer names. This abundance of data could allow threat actors to discover the real identities of the affected user.

Alon Gal, CTO of Hudson Rock, explained the tactics used by threat actors looking to pilfer credentials while speaking with BleepingComputer: "Hackers around the world infect computers opportunistically by promoting results for fake software or through YouTube tutorials directing victims to download infected software." Among those infected are other hackers, usually those less skilled and more likely to fall for scams.

Among the afflicted forums, the notorious "Nulled.to" was the most widely affected, with over 57,000 compromised users. "Cracked.io" and "Hackforums.net" followed closely behind. The analysis also revealed that passwords employed for cybercrime forums exhibited greater strength compared to those used for government websites.

The prevalence of information-stealer infections has skyrocketed over the years, surging an astounding 6000% since 2018. They are currently the primary avenue for threat actors seeking to infiltrate organizations and launch cyberattacks, including ransomware assaults, data breaches, account takeovers, and corporate espionage.

About the Author

Zane is a Cybersecurity Researcher and Writer at vpnMentor. His extensive experience in the tech and cybersecurity industries provides readers with accurate and trustworthy news stories and articles. He aims to help individuals protect themselves through informative content and awareness of cybersecurity's crucial role in today's digital landscape.