recommended reading

Threatwatch

Hackers Punish Celeb Nudie Gawkers

Data dump; Software vulnerability

A database has leaked from a forum dedicated to sharing pictures of undressed celebrities, inspired by those stolen from Apple's iCloud in ‘The Fappening’ of 2014.

The thefappening.so/forum bulletin board, which also includes a section entitled ‘Photos of Our Wives,’ was built off PHP software, programs that are vulnerable to database hacks.

The information compromised includes usernames, IP addresses, email addresses and passwords, though passcodes were protected by bcrypt hashes.

A security researcher received the data from a contact who seemed to be involved in the trade of leaked information. One email address in the data dump contained a .gov suffix.

On, April 12, the researcher, Troy Hunt, tweeted that the forum was compromised, SC Magazine reports. 

He mocked those affected in another tweet that read “Pro tip too - if you're gonna sign up to a forum like that, perhaps not use your .gov email address...”

Malwarebytes security analysts noticed that the mobile version of the forum site contained several compromised accounts, dubiously worded advertisements, malvertising, rogue mobile programs, and redirects to “ransomware” websites that lock victims onto webpages, according to an April 14 blog post.

Among the malicious ads researchers spotted were a pornographic popup that attempted to load SLocker ransomware, a bogus United Nations warning, and other messages attempting to extort users.

sector

Social Media

reported

April 14, 2016

reported by

Forbes

number affected

180,000 users

location of breach

Unknown

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

April 12, 2016