Almost 250,000 user details of popular Nigerian youth forum Naijaloaded have been exposed after the site was hacked.
A hacker by the name of TheMrX uploaded a shell on the website and accessed its 42mb user database.
The database contained names, usenames, passwords and location information of 243,089 users.
Naijaloaded is a popular African social forum site that includes hacking and software tutorials, and discussion on music, movies and business.
The hackers said they would not publish the database, seen by SC Magazine, but said the US HostGator webserver that hosted Naijaloaded contained 79 other domains that may be vulnerable.
"It is running one of the newest 2011 kernals, so most public exploits are outdated yet, it may still be possible to get in," a member of the Team Infra hacking group said.
The hacker also showed two invoice databases with customer email exchanges and sales data purportedly held by hosting providers urhostz.com and betarack.com.
The group said the data was obtained through a local file inclusion exploit in the WHMCS client management and billing system.
.png&h=140&w=231&c=1&s=0)
Okta Identity Summit
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
