Behind the NULLED.IO hack
Several days ago the public became aware of an attack on a popular hacking website nulled.io. Hackers managed to obtain database dump and published it on the Internet. Unfortunately, the database was modified, and a lot of interesting tables (such as forum posts) were missing in the dump. However, the leaked information is still valuable, because it contains email addresses of website visitors, their hashed passwords, IP addresses, etc.
We have decided to make a small analysis of this information to determine who was using nulled.io. Here are our findings:
Total active members of the community (who published more than 3 posts in form): 145 096
Below is a table of 10 most popular domains for email addresses (72% of all emails):
| Domain | Accounts |
| gmail.com | 66875 |
| hotmail.com | 19052 |
| yahoo.com | 7476 |
| outlook.com | 3375 |
| naver.com | 1491 |
| live.com | 1417 |
| wp.pl | 1258 |
| qq.com | 1190 |
| web.de | 1144 |
| mail.ru | 1062 |
Distribution by domains:
| Popular domains | 104340 |
| Corp. websites | 2130 |
| Other websites | 38626 |
In total, the website was visited by 240 people with Czech emails.
| seznam.cz | 168 |
| email.cz | 30 |
| centrum.cz | 24 |
| post.cz | 4 |
| outlook.cz | 3 |
| volny.cz | 3 |
| docmail.cz | 1 |
| tiscali.cz | 1 |
| opengate.cz | 1 |
| atlas.cz | 1 |
| spalex.cz | 1 |
| wellmax-soft.cz | 1 |
| sps.hranet.cz | 1 |
| hotmail.cz | 1 |
Latest Posts
New Fortinet FortiManager RCE flaw exploited in zero-day attacks
A threat actor, tracked as UNC5820, has been actively exploiting FortiManager devices since June.
AWS and Azure authentication keys found in popular Android and iOS apps
This issue exposes user data and app source codes to potential unauthorized access, data manipulation, and data theft.
VMware releases additional updates to address recently patched critical bug
The fixes released on September 17 did not fully address CVE-2024-38812, the company said.