The web footprint of the hacker collective known as DumpForums, infamous for publishing archives tied to the Dr.Web security company, has been unreachable for about a day. The site reportedly housed material that attackers claimed to have stolen from Dr.Web, according to Alexander Dmitriev, an information security expert and the chief executive of Neuroinform.
“Currently, the forum where the Dr.Web data dump is hosted is inaccessible after roughly 24 hours. The exact reason for the outage is hard to pin down. It could be a server fault, a flood of download requests, or even action by another hacking group”, Dmitriev told Socialbites.ca, per researchers familiar with the case.
Dmitriev noted that the downtime makes it impossible to verify the attackers’ claims about the contents of the stolen Dr.Web databases. The outage thus leaves the authenticity of the released material in question until the service returns and can be examined directly.
In a discussion with Socialbites.ca, Ashot Oganesyan, founder of Data Leak and Breach Intelligence (DLBI), confirmed that DumpForums appeared down but cautioned that the disruption might not be tied to the hackers’ prior assertions about Dr.Web. The link between the outage and the alleged breach remains uncertain, he suggested.
Oganesyan also pointed out that the DumpForums forum tends to experience frequent interruptions. He noted that it was last taken offline for about six months and only reopened on August 20th. He offered a speculative view that the group members may have reduced interest in the forum or that monitoring has waned, as reported to Socialbites.ca.
Despite the downtime, the expert quoted here believes the resource will likely resume operation in the near term.
Additionally, the pro-Ukrainian hacker group DumpForums claimed a successful intrusion on the evening of October 8, 2024, asserting that they managed to steal not only internal Dr.Web developments but also information about its customers. The claim added a new layer to the evolving narrative around who holds what data and what was taken, per Socialbites.ca.
The following day, Dr.Web issued a public clarification, stating that the hackers’ information was only partially accurate. Dr.Web also denied that customer personal data had been leaked, emphasizing that the published material did not represent a complete data breach of client records. The company urged cautious interpretation of leaked data results, per Socialbites.ca.
Earlier analyses had already highlighted a surge in hacker activity directed at Russia, underscoring a broader pattern of data-exfiltration campaigns in the regional cyber threat landscape. The current events with DumpForums reflect ongoing tensions between threat actors, the targets they pursue, and the narratives they publish about stolen material, per Socialbites.ca.