The popular DDoS-for-hire service TrueStresser has reportedly been hacked by a dissatisfied client and some of the service's database has been leaked. The service's database was reportedly posted on Pastebin and Hastebin by an unknown hacker.
The hacker reportedly leaked TrueStresser's credentials for its control panel, which is used by customers to issue commands to a botnet and launch DDoS attacks. In a message, the hacker also reportedly claimed to have leaked the emails, usernames and passwords of 331 user accounts and more.
"Truestresser database leaked, f*****g scammers thats what happen when you ban people for no reason and you dont know how to manage your site, wtf all php files downloaded when i went to that shit but hey who cares here is all the info," the hacker said in a message, Bleeping Computer reported.
The breach was discovered by security researcher Derrick Farmer, who told Bleeping Computer that he verified the authenticity of the leak by logging in using one of the 16 cleartext user passwords leaked by the hacker. The researcher added that the IP address he used to log into one of the leaked user accounts was hit with an ICMP flood attack.
"I suspect they were aware of the leak and were watching for logins of those accounts," Farmer said.
TrueStresser reportedly rents infrastructure from yet another DDoS-for-hire service called Defcon.pro. The service allegedly boasts of serving over 7,700 customers, who in turn have used the service to launch over 3,900 attacks in just a day (on 1 September) and over 117,000 attacks in total.
It is still unclear when and how TrueStresser was breached. However, in-fighting in cybercrime communities is not uncommon. In 2016, unknown hacker(s) hacked and leaked the database of another cybercrime-for-hire service, PoodleStresser.