NZBGeek Hacked, User Data Compromised
Last Updated: Mar 03, 2021
Last December 2020, it was reported that popular Usenet indexer, NZBGeek, was hacked. In a statement released by NZBGeek, they mentioned that the hackers managed to place a keylogger to access supposed secure information from their system. These hackers were able to obtain a copy of their database which includes usernames, encrypted passwords, email addresses and last connected IP addresses. As per their statement, the hard drive on their indexer also failed along with an API server.
Upon informing the public of this predicament, NZBGeek advised its users to take appropriate action if they have used their card with the website since November 20, 2020. This includes reporting what happened to their card issuer to protect users from unlawful charges.
NZBGeek also suggests that users change their credentials and card information as soon as possible. If you use the same username/password combination on any other website NZBGeek suggests you change them. You should also use two factor authentications with all your online accounts”. According to their released statement, “PayPal data is not at risk providing you do not use the same username/password for NZBGeek”.
Understandably, the hacking of NZBGeek caused quite a bit of concern among its users. According to some forums, some users did have some unlawful charges on their credit card. Luckily, these were disputed when NZBGeek made the announcement. However, a lot of the concerns of users is whether or not their download histories were accessed, especially since IP addresses and other information were compromised.
NZBGeek Initial Steps
Upon finding out about the breach, NZBGeek put everything offline except for their API while they have external help to find out. In a statement released on a tech website, NZBGeek says, “We are taking massive steps, with the help of many community members around the world who are experts in various forms of cybersecurity. I am happy to provide those details as these are vetted and finalized”.
As of January 2021, NZBGeek’s API and Indexer is fully functional. The site administrators also say that download histories were stored in a separate server. However, it was unclear if this was compromised.
NZBGeek’s front end, on the other hand, has been refocused and Is currently on minimal and targeted service. According to their announcement on Discord, “This new architecture has, as its goal, to provide the best experience for the primary use case of NZBgeek: finding and grabbing desired NZB’s fast. The only data held within the new web structure is your username and a hashed key required for access (Your API key will be the key provided, to be known as your Geek Key). As there is no migration over of password data from the old site, your account will be secure and the new API key (Geek key), to be issued on site go-live, will itself be your password.”
Currently, NZBGeek is not open for registration but has plans in re-establishing NZBGeek back to how it was best known for. The website will be implementing requested features and will be clearing up some early bugs. As per NZBGeek “The remainder of her features require work on the API side of things as opposed to the site front-end. Understandably, this requires a delicate juggle of currently active members from the original site and a restructure for new API servers and code.”
That being said, NZBGeek admins expect to open registration by February 26, 2021. This date will also be the start of the roll out for email notifications with a 2-week warning for expired accounts that will require renewal. Members will also be advised onsite if they need to renew.
NZBGeek opened their registration at 2 pm on February 26, 2021 with payment options currently limited to cryptocurrency. According to NZBGeek, other payment options will be rolled out in the coming weeks including credit card options.
NZBGeek also announced that on the new site “no payment data is entered into the NZBgeek site at all and you will instead be redirected to a secure payment site “geekhub” that is completely locked down and separate from the website itself. You will be prompted for your username and password to access this page and submit payment, and will allow for instant activation once payment is completed.”
Unfortunately, lifetime subscriptions are not and will no longer be available.