Cyber Threat Intelligence: Illuminating the Deep, Dark Cybercriminal Underground

July 30, 2024 at 07:24AM Cybersixgill’s experts provide insights into dark web threats, emphasizing the importance of understanding the cybercriminal underground. Their State of the Underground 2024 report analyzes cybercrime trends, including compromised credit cards and ransomware markets. Additionally, they offer webinars detailing hacker mindsets and the role of wholesale access markets in facilitating ransomware …

Russians plead guilty to involvement in LockBit ransomware attacks

July 19, 2024 at 07:34AM Russian nationals Ruslan Magomedovich Astamirov and Mikhail Vasiliev have admitted to their involvement in numerous LockBit ransomware attacks targeting worldwide victims, including businesses in the US. The operation involved breaching vulnerable systems, stealing data, and deploying ransomware for which they demanded substantial ransoms. The gang has extorted between $500 million …

Rite Aid Becomes RansomHub’s Latest Victim After Data Breach

July 15, 2024 at 12:40PM Rite Aid announced a data breach in which a third-party threat actor gained unauthorized access to certain systems. No sensitive personal information was compromised, but customer data related to retail purchases was accessed. RansomHub gang claims responsibility and has threatened to leak stolen data if a ransom is not paid …

HUMINT: Diving Deep into the Dark Web

July 9, 2024 at 07:07AM The internet is divided into Clear Web, Deep Web, and Dark Web. Clear Web is publicly accessible, while Deep Web requires credentials and Dark Web involves anonymous and encrypted sources. Tor, a network for anonymous communication, facilitates illegal activities. Criminal services, forums, and network attacks operate within the Dark Web’s …

Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites

July 8, 2024 at 11:24AM Analysis of dark web malware logs reveals thousands of users accessing child sexual abuse material, shedding light on the potential for combating serious crimes. These info-stealers target various operating systems, harvesting sensitive data for illicit use. The information has been shared with law enforcement to aid in tracking child exploitation …

Infostealer malware logs used to identify child abuse website members

July 3, 2024 at 11:52AM Recorded Future’s Insikt Group identified thousands of pedophiles accessing child sexual abuse material (CSAM) using stolen credentials. By leveraging data from information-stealing malware, they tracked unique accounts to usernames on various platforms and shared the gathered information with law enforcement to unmask and arrest the individuals. This innovative use of …

30M Potentially Affected in Ticketek Australia Cloud Breach

June 24, 2024 at 12:56PM ShinyHunters has reportedly targeted Ticketek in Australia, compromising data for about 30 million users. The breach, similar to the Ticketmaster incident, occurred through a third-party cloud provider. No user accounts were compromised, and payment information was not accessed. The connection to Snowflake and ShinyHunters remains unconfirmed. Based on the meeting …

Dark-web kingpin puts ‘stolen’ internal AMD databases, source code up for sale

June 18, 2024 at 07:12PM Cyber-criminals are selling what they claim to be AMD’s internal data on the dark web, including customer databases, product specifications, financial figures, and staff information. AMD is working with law enforcement to investigate the situation. The individual responsible, known as IntelBroker, has a history of distributing stolen data from high-profile …

Empire Market owners charged for enabling $430M in dark web transactions

June 17, 2024 at 04:01PM Two men, Thomas Pavey and Raheim Hamilton, have been charged in a Chicago federal court for operating “Empire Market,” a dark web marketplace that facilitated over $430 million in illegal transactions, including the sale of drugs, counterfeit money, and stolen items. If convicted on all counts, they could face life …

Ukraine busts SIM farms targeting soldiers with spyware

June 14, 2024 at 09:28AM The Security Service of Ukraine dismantled infrastructure enabling pro-Russia residents to deploy spyware on soldiers’ devices and operate bot farms. A woman in Zhytomyr supported mobile numbers used for attacks, while a man in Dnipro ran a larger operation selling access to social media accounts to Russian intelligence. Investigations are …