Andrew Tate’s site ransacked, subscriber data stolen

#### [Cyber-crime](/security/cyber_crime/)**32** Andrew Tate’s site ransacked, subscriber data stolen====================================================**32** He’ll just have to take this one on the chin——————————————–[Iain Thomson](/Author/Iain-Thomson ‘Read more by this author’) Fri 22 Nov 2024 // 22:38 UTC [](https://www.reddit.com/submit?url=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Andrew%20Tate%27s%20site%20ransacked%2c%20subscriber%20data%20stolen) [](https://twitter.com/intent/tweet?text=Andrew%20Tate%27s%20site%20ransacked%2c%20subscriber%20data%20stolen&url=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Andrew%20Tate%27s%20site%20ransacked%2c%20subscriber%20data%20stolen&summary=He%27ll%20just%20have%20to%20take%20this%20one%20on%20the%20chin) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) The website of self-proclaimed misogynist and alleged sex trafficker and rapist Andrew Tate has been compromised and data on its paying subscribers stolen.His now-ransacked Real World site is where the antagonistic online influencer preaches [eyebrow-raising](https://www.rollingstone.com/culture/culture-features/andrew-tate-empire-real-story-1234696706/) life advice primarily to [young disillusioned](https://www.theguardian.com/news/2024/jan/06/im-andrew-tates-audience-and-i-know-why-he-appeals-to-young-men) men.The British-American ex-kickboxer charges subscribers $50 a month with a promise to help make them wealthier, fitter, and more masculine. The site is said to have more than 113,000 active users, and the guy himself has accumulated millions of followers on various social networks, some of which he has been banned and unbanned from. ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cybercrime&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z0Gn74lS8HM4nGsYEjakGAAAAMw&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0)Intruders said they copied the contents of Real World’s 221 public and 395 private chat servers, as well as 794,000 of its usernames for current and former members plus a list of 324,382 registered email addresses. This info has apparently been sent to the security breach notification service at Have I Been Pwned and the leak site DDoSecrets. ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cybercrime&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z0Gn74lS8HM4nGsYEjakGAAAAMw&t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0) ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cybercrime&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Z0Gn74lS8HM4nGsYEjakGAAAAMw&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0)The self-styled hacktivists also spammed Real World’s chat rooms with LGBTQ+ related emojis — owing to [Tate’s views](https://medium.com/matthews-place/how-andrew-tate-is-radicalizing-boys-to-be-anti-lgbtq-online-316a0f7e1d76) on gender and sexuality — and [told](https://www.dailydot.com/debug/andrew-tate-the-real-world-hack/) the Daily Dot his site was ‘hilariously insecure.’ An unpatched flaw allowed them ‘to upload emojis, delete attachments, crash everyone’s clients, and temporarily ban people.’* [Happy birthday, Putin — you’ve been pwned](https://www.theregister.com/2024/10/08/russia_state_news_shutdown/)* [Israeli hacktivist group brags it took down Iran’s internet](https://www.theregister.com/2024/08/02/israeli_hacktivists/)* [‘Gay furry hackers’ say they’ve disbanded after raiding Project 2025’s Heritage Foundation](https://www.theregister.com/2024/07/12/gay_furry_hackers_2025/)* [‘Gay furry hackers’ brag of second NATO break-in, steal and leak more data](https://www.theregister.com/2023/10/04/nato_data_attack/)The cyberattack unfolded while Tate was livestreaming from his home in Romania, where he remains under house arrest. The 37-year-old is [facing trial on charges](https://www.bbc.com/news/uk-64125045) of rape, human trafficking, and forming an organised crime ring to sexually exploit women. He denies any wrongdoing. An appeals court this week [ruled](https://www.newsweek.com/fact-check-andrew-tate-human-trafficking-case-not-dismissed-1988348) some evidence was inadmissible, giving prosecutors days to respond.During the data heist on Thursday, the intruders spammed the main message board with pride icons, pro-trans imagery, and AI-generated images of Tate draped in a rainbow flag.This comes after the Real World [was found](https://cybernews.com/security/tates-real-world-exposes-user-messages/) to have left an 88GB MongoDB instance unprotected online containing records on 968,447 user accounts, thus exposing user IDs, email addresses, encrypted passwords, verification statuses, account recovery codes, password expiration dates, and reset tokens. ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_security/cybercrime&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z0Gn74lS8HM4nGsYEjakGAAAAMw&t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0)The Real World had no response at the time of publication. ® [Sponsored: Join in the festive cybersecurity fun](https://go.theregister.com/tl/3110/shttps://www.theregister.com/2024/11/19/join_in_the_festive_cybersecurity/) Share [](https://www.reddit.com/submit?url=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Andrew%20Tate%27s%20site%20ransacked%2c%20subscriber%20data%20stolen) [](https://twitter.com/intent/tweet?text=Andrew%20Tate%27s%20site%20ransacked%2c%20subscriber%20data%20stolen&url=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Andrew%20Tate%27s%20site%20ransacked%2c%20subscriber%20data%20stolen&summary=He%27ll%20just%20have%20to%20take%20this%20one%20on%20the%20chin) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) #### More about* [Hacking](/Tag/Hacking/)* [Security](/Tag/Security/) More like these × ### More about* [Hacking](/Tag/Hacking/)* [Security](/Tag/Security/) ### Narrower topics* [2FA](/Tag/2FA/)* [Advanced persistent threat](/Tag/Advanced%20persistent%20threat/)* [Application Delivery Controller](/Tag/Application%20Delivery%20Controller/)* [Authentication](/Tag/Authentication/)* [BEC](/Tag/BEC/)* [Black Hat](/Tag/Black%20Hat/)* [BSides](/Tag/BSides/)* [Bug Bounty](/Tag/Bug%20Bounty/)* [CHERI](/Tag/CHERI/)* [CISO](/Tag/CISO/)* [Common Vulnerability Scoring System](/Tag/Common%20Vulnerability%20Scoring%20System/)* [Cybercrime](/Tag/Cybercrime/)* [Cybersecurity](/Tag/Cybersecurity/)* [Cybersecurity and Infrastructure Security Agency](/Tag/Cybersecurity%20and%20Infrastructure%20Security%20Agency/)* [Cybersecurity Information Sharing Act](/Tag/Cybersecurity%20Information%20Sharing%20Act/)* [Data Breach](/Tag/Data%20Breach/)* [Data Protection](/Tag/Data%20Protection/)* [Data Theft](/Tag/Data%20Theft/)* [DDoS](/Tag/DDoS/)* [DEF CON](/Tag/DEF%20CON/)* [Digital certificate](/Tag/Digital%20certificate/)* [Encryption](/Tag/Encryption/)* [Exploit](/Tag/Exploit/)* [Firewall](/Tag/Firewall/)* [Hacktivism](/Tag/Hacktivism/)* [Identity Theft](/Tag/Identity%20Theft/)* [Incident response](/Tag/Incident%20response/)* [Infosec](/Tag/Infosec/)* [Infrastructure Security](/Tag/Infrastructure%20Security/)* [Kenna Security](/Tag/Kenna%20Security/)* [NCSAM](/Tag/NCSAM/)* [NCSC](/Tag/NCSC/)* [Palo Alto Networks](/Tag/Palo%20Alto%20Networks/)* [Password](/Tag/Password/)* [Phishing](/Tag/Phishing/)* [Quantum key distribution](/Tag/Quantum%20key%20distribution/)* [Ransomware](/Tag/Ransomware/)* [Remote Access Trojan](/Tag/Remote%20Access%20Trojan/)* [REvil](/Tag/REvil/)* [RSA Conference](/Tag/RSA%20Conference/)* [Spamming](/Tag/Spamming/)* [Spyware](/Tag/Spyware/)* [Surveillance](/Tag/Surveillance/)* [TLS](/Tag/TLS/)* [Trojan](/Tag/Trojan/)* [Trusted Platform Module](/Tag/Trusted%20Platform%20Module/)* [Vulnerability](/Tag/Vulnerability/)* [Wannacry](/Tag/Wannacry/)* [Zero trust](/Tag/Zero%20trust/) ### Broader topics* [Hacker](/Tag/Hacker/) #### More aboutShare [](https://www.reddit.com/submit?url=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Andrew%20Tate%27s%20site%20ransacked%2c%20subscriber%20data%20stolen) [](https://twitter.com/intent/tweet?text=Andrew%20Tate%27s%20site%20ransacked%2c%20subscriber%20data%20stolen&url=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Andrew%20Tate%27s%20site%20ransacked%2c%20subscriber%20data%20stolen&summary=He%27ll%20just%20have%20to%20take%20this%20one%20on%20the%20chin) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2024/11/22/andrew_tate_raid/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) **32** COMMENTS #### More about* [Hacking](/Tag/Hacking/)* [Security](/Tag/Security/) More like these × ### More about* [Hacking](/Tag/Hacking/)* [Security](/Tag/Security/) ### Narrower topics* [2FA](/Tag/2FA/)* [Advanced persistent threat](/Tag/Advanced%20persistent%20threat/)* [Application Delivery Controller](/Tag/Application%20Delivery%20Controller/)* [Authentication](/Tag/Authentication/)* [BEC](/Tag/BEC/)* [Black Hat](/Tag/Black%20Hat/)* [BSides](/Tag/BSides/)* [Bug Bounty](/Tag/Bug%20Bounty/)* [CHERI](/Tag/CHERI/)* [CISO](/Tag/CISO/)* [Common Vulnerability Scoring System](/Tag/Common%20Vulnerability%20Scoring%20System/)* [Cybercrime](/Tag/Cybercrime/)* [Cybersecurity](/Tag/Cybersecurity/)* [Cybersecurity and Infrastructure Security Agency](/Tag/Cybersecurity%20and%20Infrastructure%20Security%20Agency/)* [Cybersecurity Information Sharing Act](/Tag/Cybersecurity%20Information%20Sharing%20Act/)* [Data Breach](/Tag/Data%20Breach/)* [Data Protection](/Tag/Data%20Protection/)* [Data Theft](/Tag/Data%20Theft/)* [DDoS](/Tag/DDoS/)* [DEF CON](/Tag/DEF%20CON/)* [Digital certificate](/Tag/Digital%20certificate/)* [Encryption](/Tag/Encryption/)* [Exploit](/Tag/Exploit/)* [Firewall](/Tag/Firewall/)* [Hacktivism](/Tag/Hacktivism/)* [Identity Theft](/Tag/Identity%20Theft/)* [Incident response](/Tag/Incident%20response/)* [Infosec](/Tag/Infosec/)* [Infrastructure Security](/Tag/Infrastructure%20Security/)* [Kenna Security](/Tag/Kenna%20Security/)* [NCSAM](/Tag/NCSAM/)* [NCSC](/Tag/NCSC/)* [Palo Alto Networks](/Tag/Palo%20Alto%20Networks/)* [Password](/Tag/Password/)* [Phishing](/Tag/Phishing/)* [Quantum key distribution](/Tag/Quantum%20key%20distribution/)* [Ransomware](/Tag/Ransomware/)* [Remote Access Trojan](/Tag/Remote%20Access%20Trojan/)* [REvil](/Tag/REvil/)* [RSA Conference](/Tag/RSA%20Conference/)* [Spamming](/Tag/Spamming/)* [Spyware](/Tag/Spyware/)* [Surveillance](/Tag/Surveillance/)* [TLS](/Tag/TLS/)* [Trojan](/Tag/Trojan/)* [Trusted Platform Module](/Tag/Trusted%20Platform%20Module/)* [Vulnerability](/Tag/Vulnerability/)* [Wannacry](/Tag/Wannacry/)* [Zero trust](/Tag/Zero%20trust/) ### Broader topics* [Hacker](/Tag/Hacker/) #### TIP US OFF[Send us news](https://www.theregister.com/Profile/contact/)[#### Will passkeys ever replace passwords? Can they?Systems Approach Here’s why they really shouldSecurity6 days -| 115](/2024/11/17/passkeys_passwords/?td=keepreading) [#### Microsoft Power Pages misconfigurations exposing sensitive dataNHS supplier that leaked employee info fell victim to fiddly access controls that can leave databases dangling onlineSecurity8 days -| 6](/2024/11/15/microsoft_power_pages_misconfigurations/?td=keepreading) [#### DARPA-backed voting system for soldiers abroad savagedVotingWorks, developer of the system, disputes critics’ claimsSecurity2 days -| 4](/2024/11/21/darpabacked_voting_system_for_soldiers/?td=keepreading) [#### Why AI builds best on private cloudsAI projects under pressure to show real value in the tightest of timeframes might be worth keeping on-premisesSponsored Feature](/2024/10/29/why_ai_builds_best_on/?td=keepreading) [#### Here’s how a Trump presidency could change the tech industryKettle Anything could happen in the next half … decadePublic Sector9 days -| 123](/2024/11/13/president_trump_tech/?td=keepreading) [#### Five Eyes infosec agencies list 2023’s most exploited software flawsSlack patching remains a problem — which is worrying as crooks increasingly target zero-day vulnsCSO9 days -| 27](/2024/11/14/five_eyes_2023_top_vulnerabilities/?td=keepreading) [#### China’s Volt Typhoon crew and its botnet surge back with a vengeanceOhm, for flux sakePublic Sector10 days -| 4](/2024/11/13/china_volt_typhoon_back/?td=keepreading) [#### Here’s what happens if you don’t layer network security — or remove unused web shellsTL;DR: Attackers will break in and pwn you, as a US government red team demonstratedSecurity1 day -| 2](/2024/11/22/cisa_red_team_exercise/?td=keepreading) [#### Google’s AI bug hunters sniff out two dozen-plus code gremlins that humans missedOSS-Fuzz is making a strong argument for LLMs in security researchAI + ML3 days -| 8](/2024/11/20/google_ossfuzz/?td=keepreading) [#### Healthcare org Equinox notifies 21K patients and staff of data theftRansomware scum LockBit claims it did the dirty deedCyber-crime3 days -| 1](/2024/11/20/equinox_patients_employees_data/?td=keepreading) [#### iOS 18 added secret and smart security feature that reboots iThings after three daysSecurity researcher’s reverse engineering effort reveals undocumented reboot timer that will make life harder for attackersSecurity4 days -| 37](/2024/11/19/ios_18_secret_reboot/?td=keepreading) [#### Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploitYank access to management interface, statCSO8 days -| 28](/2024/11/15/palo_alto_networks_firewall_zeroday/?td=keepreading)

Related Tags:
DEV-0391

UNC3236

Voltzite

Vanguard Panda

NAICS: 81 – Other Services (except Public Administration)

NAICS: 813 – Religious

Grantmaking

Civic

Professional Services

Similar Services

BRONZE SILHOUETTE

Volt Typhoon

Sodinokibi

Associated Indicators:

Threat Intel Solutions

Andrew Tate’s site ransacked, subscriber data stolen

Search

Popular Posts

2024 macOS Malware Review | Infostealers, Backdoors, and APT Campaigns Targeting the Enterprise

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

MintsLoader: StealC and BOINC Delivery

Categories

Archives

Tags

Follow Us