Recently there has been a huge increase in hacked databases being shared and also sold, and now it appears that one of the services that surfaced a few weeks ago and has already been hacked, dumped and had its domain name revoked.
Datawh0re which was found at datawh0re.ru was offering databases for sale and this had made some people mad due to the fact the databases they had for sale was a lot of shared and near public dumps. Well last week it turns out that some one found an SQLi in their website and as a result of this they had discovered the file names, locations of each dump. The file names are in MD5 and without knowing exactly which is what each files name you would be almost certainly left with a mess after downloading.
Today a twitter account announced a link to hastebin.com which contains a small bunch of wget strings to obtain this data.
Now whats funny about this, is this list has been around for about 10 days or so now and that it originally contained the datawh0re.ru URL within it but now this more recent one contains datawh0re’s IP addresses. From what i have been told, the websites owner has had the .ru domain name revoked for not being able to provide a real Russian passport, tho it appears that this has not taken the website completely offline and now its IP address is being shared around and the leaks still active.
The data that has leaked from them appears to be the following dumps
7k7k, Adult-FanFiction.sql, iSpeak.cn.zip, MoDaCo.rar, ArmyForceOnline, Sparshivai.ru, IPMart-Forum.tar.gz, BleachAnime.zip, CapitalGames.zip, CardingMafia.csv, DragonNest.7z, Eroticy.zip, DaniWeb.rar, Dayz.com Forum.csv, Dungeons Of DragonsOnline.csv, Experian.7z, FFToday.zip, Gamania.zip, GameTuts.zip, ForumFree.it.zip, Citadel.sx.txt, AddictedCheats.sql, AhoyWorld.sql, AltisLifeRPG.csv, ADKGaming.sql, DayZForum.txt, DFB.de.csv, DigitalGangster.txt, EternaGaming.sql, GamersInc.sql, GamerzPlanet.zip, GameVN.7z,GPotato, FlashFlashRevolution.rar, iDressUp.csv, Jabbim.com.sql, InfoWars.rar, LOTRO.csv, MSI.sql, MultiFive.sql, NordicGames.zip, PESFan.csv, Plex.tv.csv, Powerbot.zip, Rise-Gaming.sql, Thrill.li.sql, Tianya.cn.zip, UUU9.7z, vBulletin.com.csv, Xploder.zip, YouChew.txt, BitcoinTalk Forum.csv, OVH & Kimsufi.csv, DLH.net Main.csv, Lookbook.nu.csv, Nihonomaru.csv, TigSource Forum.csv, Ikov.csv, ILikeCheats.csv, PHPFreaks.csv, BitsHacking.csv, TigSource Main.csv, Lifeboat.rar, Aternos.zip, Weibo.zip, Brazzers.csv, Libero.it.csv, Leet.cc.rar, FeverClan.tar.gz
At time of publishing i attempting to contact the owner of datawh0re.ru, no reply as of yet but from this conversation here on the 9th of October it seems that the owner doesn’t give a fuck.
So what lesson can be learnt from this incident? If you want to sell hackers data, prepare to be hacked, they do not take it nicely.