250k users exposed in Naijaloaded hack

By

Databases stolen.

Almost 250,000 user details of popular Nigerian youth forum Naijaloaded have been exposed after the site was hacked.

250k users exposed in Naijaloaded hack

A hacker by the name of TheMrX uploaded a shell on the website and accessed its 42mb user database.

 


The database contained names, usenames, passwords and location information of 243,089 users.

Naijaloaded is a popular African social forum site that includes hacking and software tutorials, and discussion on music, movies and business.

The hackers said they would not publish the database, seen by SC Magazine, but said the US HostGator webserver that hosted Naijaloaded contained 79 other domains that may be vulnerable.

"It is running one of the newest 2011 kernals, so most public exploits are outdated yet, it may still be possible to get in," a member of the Team Infra hacking group said.

The hacker also showed two invoice databases with customer email exchanges and sales data purportedly held by hosting providers urhostz.com and betarack.com.

 

The group said the data was obtained through a local file inclusion exploit in the WHMCS client management and billing system.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study

Accenture to buy Australian cyber security firm CyberCX

Accenture to buy Australian cyber security firm CyberCX

TPG Telecom reveals iiNet order management system breached

TPG Telecom reveals iiNet order management system breached

"Shade BIOS" stealth malware hides below operating system

"Shade BIOS" stealth malware hides below operating system

Log In

  |  Forgot your password?