TZUTC: -0500   
   MSGID: 1271.consprcy@1:2320/105 2ce8d39c   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   This major cybercrime forum might have just exposed all its users   
      
   Date:   
   Fri, 25 Jul 2025 13:01:00 +0000   
      
   Description:   
   Researchers found a database full of IP addresses following Leak Zone   
   incident.   
      
   FULL STORY   
      
   In a moment of poetic irony, an underground leaking and cracking forum    
   exposed the IP addresses of all its logged-in users, essentially doxxing them   
   to everyone - security researchers, rival criminals - and most notably, law   
   enforcement.    
      
   Security researchers from UpGuard found an exposed Elasticsearch database,   
   available to anyone who knew where to look. Deeper analysis determined that   
   the database belonged to Leak Zone, an underground forum where cybercriminals   
   advertise and share stolen archives, credentials, and software.    
      
   It contained more than 22 million records - IP addresses and precise   
   timestamps of when the user logged in. The database is also quite fresh, with   
   the archive is apparently being updated in real time, as well as indicating    
   if there is a chance a user logged in using an anonymization tool such as a   
   proxy or a VPN.   
      
   Exposed instances - everywhere    
      
   It is impossible to say for how long the archive remained open, and if anyone   
   discovered it before UpGuard did.    
      
   We also dont know how many people were exposed in this incident but    
   allegedly, the forum has roughly 100,000 members. In any case, it has since   
   been locked down and is no longer accessible.    
      
   The researchers also could not determine the cause of the database being left   
   exposed.    
      
   Usually, it is down to human error - admins simply forgetting to set a   
   password, or otherwise encrypt it. In fact, exposed databases continue to be   
   the leading cause of data leaks - among legitimate and illegal organizations   
   alike.    
      
   For years, researchers have been warning that cloud works on a shared   
   responsibility model - something many IT teams dont seem to be aware of.    
      
   Some businesses believe securing the cloud infrastructure is the service   
   providers task - leaving the back door wide open for cybercriminals.    
      
    Via TechCrunch   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/this-major-cybercrime-forum-might-have-   
   just-exposed-all-its-users   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426