Adult Site Digital Play Ground Hacked, Defaced and Data Leaked by @Th3Consortium

content/images/gallery/antisec12/the-consortium-penetrating-the-penetrators.png A well known Adult site Digital Play Ground has been hacked by @Th3Consortium and as a result the hack has leaked out a heap of data that was has been displayed on a subdomain of the site. content/images/gallery/antisec12/the-consortium-penetrating-the-penetrators.png The attack which has been tagged with the #anonymous and #antisec tag was announced to us via twitter earlier today and In the leak/defacement is a few messages one of which is below and also one that states the following "At this point we would normally start rm'ing but we don't have the heart to rm a porn site.... this time.", so clearly they had enough access to totally ruin this server but due to being porn they have left it as it is. Main release Message:

We are The Consortium, and we have something special for our first release. You see for a while now we have had access to digitalplayground.com, one of the five biggest porn sites in the world. But it doesn't need any introduction from us. This company has security, that if we didn't know it was a real business, we would have thought to be a joke - a joke that we found much more amusing than they will. "This site has so many freaking holes that if I didn't know it was a porn site, I would have mistaken it for a honeypot" - [Redacted] We did not set out to destroy them but they made it too enticing to resist. So now our humble crew leave lulz and mayhem in our path. We not only have the 72k users of this site but also over 40k plaintext credit cards including ccvs, names and expiry dates. If you want to hear more about those plaintext credit cards scroll through the MySql info further down. And of course as this is a porn site there was no shortage of .mil and .gov emails in their user list. We also went on and rooted four of their servers, as well as gaining access to their mail boxes. Using credentials from emails we tapped into their conference call. "Is anyone besides David on the line ?" - We were. Did we win? Sure looks that way. Digital Playground game over.

So as we can see even the most desired sites on the Internet are still becoming targets to hackers due to the lack of security that administration have in place even in this modern day they still do not see what can happen until it does and even then often they do not fix the problems and leave them open for the next to come along and do the same to them again. The subdomain that was hacked is the admin area front page for the site and all the data that has been leaked is displayed on it which includes partial emails, user accounts, server data and other information. stats: https://ozdc.net/dumps.php?dump=713 At time of publishing the site was still defaced. The defaced site can be viewed here https://admin.digitalplayground.com/ or on the Mirror: https://zone-h.org/mirror/id/17184557

Lee Johnstone

Lee Johnstone

Information Security Data Analyst, Investigative Journalist, Technology Lover, Mechanic.

Read More