MacRumors forum hacked more than one million of users at risks

    Download is available until [expire_date]
    • Version
    • Download 0
    • File Size 0.09 KB
    • File Count 1
    • Create Date March 19, 2022
    • Last Updated March 19, 2022

    MacRumors forum hacked more than one million of users at risks

    MacRumors, the Mac news and information website and user forums, was hacked, more than 860,000 accounts were potentially compromised.

    MacRumors, the popular Mac news and information website and user forums, was hacked this week, according to the first news that circulated on the Internet that more than 860,000 accounts were potentially compromised totaling 1.8 million registered members, about whom the site belongs. claimed today.

    MacRumors website owner, Arnold Kim, confirmed the hack and apologized for the incident, also revealing that a hacker compromised a moderator account to sneak into the platform, once inside he had accessed user credentials. Elevated his own privileges to steal.

    We are looking into it further to see if there was another exploit, but there hasn’t been any evidence of it yet.

    The hacker accessed to the usernames, emails and hashed passwords of the MacRumors website accounts, the users have been informed of the necessity  to change their passwords on the forums to avoid consequences. It’s known that the MD5 hashing method is not considered safe to use on commercial websites, hackers in fact could easily go back to the original passwords.

    As usual more exposed are those users that share the same credentials between different web services.Arnold Kim said that while MacRumors was hacked in a similar way to the Ubuntu forums, he also promised to improve the platform's security to avoid future problems.

    We are still working to get the forums fully functional and more secure,”

    In a first time Kim confirmed that, according to the Log file, the hacker tried to access the password database, but there are no indications that the passwords are circulating online in any form, but he successively reported to Threatpost that the attacker behind the MacRumors Forums data breach was “friendly” and that none of the data accessed will be leaked. Arnold Kim confirmed to Threatpost journalists that the hacker posted on the forums a message to the community.

    To proof the hack the hacker posted a portion of Kim’s password hash and salt, he also blamed a MacRumors Forums moderator whose credentials was stolen and used to access the password database.

    “We’re not going to ‘leak’ anything. There’s no reason for us to. There’s no fun in that. Don’t believe us if you don’t want to, we honestly could not care less,” the hacker wrote.

    The hacker confirmed that 860,106 passwords were dumped, and 488,429 still had a salt at least three bits long.

    “Anyone that’d been active recently will have a longer salt, which will slow down the hash cracking by a fraction of the time it would have taken (duplicate salts = less work do, it’s like to have many with a 3 bit salt),” the hacker’s post said. “We’re not ‘mass cracking’ the hashes. It doesn’t take long whatsoever to run a hash through hashcat with a few dictionaries and salts, and get results.”“We’re not terrorists. Stop worrying, and stop blaming it on Macrumors when it was your own fault for reusing passwords in the first place,” the hacker wrote.

    The hacker blamed users for the bad habit of reusing passwords instead of criticizing the security offered by the MacRumors platform, he also said the credentials were used to log into Web-based email accounts or other online services. is not being exploited.