OP 30 January, 2022 - 01:33 AM
(This post was last modified: 30 January, 2022 - 01:42 AM by CYBER0. Edited 1 time in total.)
In short: SQLSniper’s database was not breached. No data was leaked, and all user data is safe. We take extra care to ensure the safety and security of all users, which is exactly why no data was actually breached.
In this thread, I intend to explain further for my customers and for the people who may have seen this so-called breach.
@WindexBoi has posted a thread called "SQLSNIPER DB LEAK | FIXED".
This post contains a ~5MB CSV file titled “sqlsniper-users.csv” containing a list of 40,200 usernames, emails, MD5 hashed passwords, IP addresses plus various other user metadata.
This file has been advertised as a database breach of SQLSniper users. As a side note, I am the owner of SQLSniper.
When I was first alerted to this thread, of course, I downloaded the file immediately to verify the authenticity and severity of this leak.
I noticed that something was off immediately. This CSV file contained the following column names in its first line: username,group_id,vroop_id,password,userid,userlevel,email,timestamp,ip,validate,acceptterms.
My panic was averted. For those who are unaware, the first line in a CSV file defines the columns that the CSV file contains. These columns DO NOT match the ones found inside the legitimate SQLSniper database; the one that only I have access to. The columns inside the legitimate database are quite simply id,username,licence_key,ip_whitelist.
We do store other metadata such as the user's subscription expiry in other tables, though, but this isn’t even present in the fake data breach!
Okay. This was enough for me to stop my investigation immediately. What is this bullshit, "vroop_id, userlevel, acceptterms"? That’s ridiculous. Clearly, this so-called data breach is fake. Purely based on the column names that aren’t even remotely similar to what’s in my real database, I can already conclude that it’s fake, and I can move on with my life - right?
Furthermore, are we going to ignore the ridiculous amount of users in this database? Are you telling me SQLSniper has 40,000 users? If that’s true, I would be a multi-millionaire!
SQLSniper sells for around $100 and if you do $100 * 40,000, you get 4 million. And $100 is the minimum. Absolute madness!
Still don’t believe me? I went around and asked 6 of my customers. None of them - not even one - could find their data in this so-called data breach. It’s complete bullshit!
Screenshot proof:
Obviously I’ve proven this breach is completely bullshit, but could it’ve been a mistake, could he have been misled himself? Well, I thought so, apart from one detail. @WindexBoi specifically said in an old SQLSniper fake breach thread (which was taken down for malware reasons by staff):
“idk how got it, i got it off a friend a while ago, can confirm some of the usernames”
Here is a full screenshot of the OLD fake data breach thread that @WindexBoi published a couple of days ago.
More specifically, he said “can confirm some of the usernames” in the thread. So what he’s saying is that he’s cross-checked the usernames in this breach and has “confirmed” it. That’s absolute crap! I’ve proven this data breach is bullshit, yet he’s sitting here lying to everyone saying that essentially the breach contains SQLSniper users, thus saying himself that it’s authentic, when it’s clearly not!
Again, I’m still in disbelief that he saw 40,000 users and didn’t think “wait a minute, isn’t it a bit unreasonable for there to be 40,000 users on a small tool that’s only sold for a few months?” I don’t believe that this thought couldn’t come across his mind. Make of this what you will, but this is clearly lying, IMO.
Although, of course, I’m no mind-reader, there are some pretty obvious reasons why @WindexBoi has authored a fake data breach.
1. Polluting my Google search results with threads about a data breach
2. Making downloaders of the false breach cross-post on other forums.
3. To spread a bad reputation about SQLSniper, based on a complete lie.
Finally, take what you will from this information, but WindexBoi owns a tool called Dorkr which holds some similar functionality to my tool SQLDorks. *shrug*
I take safety and security seriously. This whole situation has caused unease and a commotion amongst the customers who trust us and has understandably made some people view my tool in a bad light, when in reality, they were misled.
I’d like to make clear that all user data is safe and will remain safe, and no data was breached.
Thanks
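Added example, not part of the original post or of SQLSniper's code: a small triage function that runs the three checks the post describes against a claimed dump (header versus real schema, known customers present or not, row count versus real user count). The dump rows, the customer usernames and the real user count are constructed placeholders; only the two column lists come from the post.

```python
import csv
import io

# Columns of the legitimate users table, as listed in the post.
REAL_COLUMNS = {"id", "username", "licence_key", "ip_whitelist"}

# Constructed sample: the header is the one quoted in the post, the rows are invented.
SAMPLE_DUMP = (
    "username,group_id,vroop_id,password,userid,userlevel,email,timestamp,ip,validate,acceptterms\n"
    "alice,1,0,00000000000000000000000000000000,1001,1,alice@example.com,1600000000,203.0.113.5,1,1\n"
    "bob,1,0,11111111111111111111111111111111,1002,1,bob@example.com,1600000100,203.0.113.6,1,1\n"
    "carol,2,0,22222222222222222222222222222222,1003,9,carol@example.com,1600000200,203.0.113.7,1,1\n"
)

def triage_dump(dump_text, real_columns, known_usernames, real_user_count):
    """Compare a claimed dump with the real schema, known accounts and user count."""
    reader = csv.DictReader(io.StringIO(dump_text))
    header = {c.strip().lower() for c in (reader.fieldnames or [])}
    dumped_users, rows = set(), 0
    for row in reader:
        rows += 1
        name = (row.get("username") or "").strip().lower()
        if name:
            dumped_users.add(name)
    known = {u.strip().lower() for u in known_usernames}
    hits = known & dumped_users
    return {
        "shared_columns": sorted(header & real_columns),
        "missing_columns": sorted(real_columns - header),
        "foreign_columns": sorted(header - real_columns),
        "rows": rows,
        "rows_per_real_user": rows / real_user_count if real_user_count else None,
        "known_hits": sorted(hits),
        "known_hit_rate": len(hits) / len(known) if known else 0.0,
    }

if __name__ == "__main__":
    # Hypothetical inputs: six known customer usernames and the real user count.
    customers = ["cust_one", "cust_two", "cust_three", "cust_four", "cust_five", "cust_six"]
    for key, value in triage_dump(SAMPLE_DUMP, REAL_COLUMNS, customers, 2).items():
        print(f"{key}: {value}")
```

A header can be renamed or rebuilt when data is exported, so the known-account lookup carries more evidential weight than the column comparison on its own.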