A database of the more dysfunctional hacker forum and marketplace for the sale of stolen information, WeLeakData.com, is up for sale on the darknet. Some of the data was also disclosed in the personal correspondence of hackers who once used the site's services.
WeLeakData.com was a forum and marketplace for discussing, selling, and buying leaked databases and lists of login and password pairs used for credential stuffing attacks. Late last month, the site was unexpectedly shut down, with rumors that its operator had been arrested and the database stolen or sold. Since then, advertisements about the desire to buy a leaked database have regularly appeared on underground forums.
According to a new report by cyber security company Cyble, a dump of the WeLeakData.com forum database on the vBulletin engine, dated from the beginning of January 9, 2020, is now being sold on the black market. Like any other forum database, it contains usernames, email addresses, password hashes, IP addresses from which posts were made on the forum, and private messages. Such information poses a great threat to cybercriminals, since it can be used by law enforcement agencies to track them and link them to known cyber attacks.
According to Cyble's report, the database was used to launch a new site, Leaksmarket.com, which posted the same posts and private messages from the same users from the WeLeakData.com database on its forum. According to experts, some time after the closure of the site, most likely, it was sold to one of the members of the forum and started working again.
