Encryption, Security Operations, Application security, Data Security

Max Messenger data breach claimed by hacker on DarkForums

Cybersecurity Alert Critical System Vulnerability Detected

Based on information from HackRead, a hacker known as CamelliaBtw has claimed responsibility for a significant data breach affecting Max Messenger, a messaging platform heavily promoted in Russia. The claim was made on the DarkForums cybercrime marketplace, alleging complete access to user data, backend systems, and source code.

The attacker claims to have exfiltrated 142 GB of compressed data, including approximately 15.4 million user records with full names, usernames, and phone numbers. The stolen information also reportedly includes active authentication tokens, bcrypt hashed passwords, communication metadata dating back to the platform's launch, internal infrastructure assets like SSH keys and API documentation, unencrypted media files, and backend source code. CamelliaBtw alleges the breach was achieved through a remote code execution vulnerability in the media processing engine, triggered by a malformed payload in sticker pack metadata. The hacker claims this vulnerability existed since early 2025 and was unpatched. The attacker has threatened to release data if a financial settlement is not negotiated within 24 hours, claiming to have verified accounts of politicians and executives.

Max Messenger has not yet confirmed or denied the breach, and no sample data has been released for verification. If confirmed, this incident would be a severe breach for a messaging platform, raising significant concerns about user privacy, account security, and trust in communication services, especially given Max Messenger's integration with Russian government digital infrastructure and its role as a promoted national alternative to foreign services.

Source: HackRead

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds