Leaking Leakers: Hacking Forum Exposes Users' IP Addresses

Leaking personal information and login credentials for personal gain is a highly nefarious act. Exposing personal information such as full name, IP address, home address, and other forms of personal data could lead to potentially life-threatening harassment.

Unauthorized use of personal information could also lead to unauthorized purchases and identity theft. This is the reason why authorities and other cybersecurity companies are always on the lookout to prevent any form of illegal data sharing.

Leakers Leaked

With all the illegal transactions done by data hackers, it’s paramount for them to conceal their personal identity, right? Some were actually careless about their online transactions; their IP addresses were leaked on a forum dedicated to this type of transaction.

Upguard recently reported that LeakZone, a forum site dedicated to leaking personal information and other login credentials, is actively leaking the IP addresses of its users.

The data came from an Elasticsearch database containing objects with web requests to Leakzone’s domain (leakzone.net). The logs that came with the request contain data such as IP addresses, country, city, and timestamp of the request.

While the leaked database contains sensitive information, it was an active database. This means the latest logs are updated until the data is downloaded. It turned out that Leakzone did not implement database security measures to protect its users.

Users, Country of Origin, and Other Leaked Data

The database reportedly logged more than 180,000 unique IP addresses. Although the website has more than 100,000 users, many users have been assigned dynamic IP addresses. A single user could have accessed leakzone.net with a different IP address depending on their ISP.

The United States, Germany, the UK, Singapore, and the United Arab Emirates are the top five IP addresses with data requests associated with LeakZone. It’s not surprising that China is not on the list, but it does not mean there are no users from China who have tried to request data from LeakZone. Due to the Chinese government's restrictions, Chinese hackers are actively using VPNs to conceal their location.

It was also noted that 39% of the unique IP addresses are only used once. Accessing the website itself is not illegal, although the transactions that transpire are most certainly nefarious. Many users are most likely curious about what they can find in LeakZone.

Unfortunately, identifying users participating in illegal transactions in LeakZone is difficult. A unique IP address used once could also mean that a data seller/buyer uses a VPN to conceal their location by using nodes in different countries worldwide.

Securing Your Personal Information

This leaked database of users who also leak other people’s information simply shows that no one is safe online unless you take active measures to conceal your identity. It’s always important to use trusted websites, especially when sharing personal information. Avoid these websites that solicit illegal transactions because they could easily use your personal information for their personal gain.

As of this writing, the forum is still online with active users. The leaked database is now offline.