The Week in Dark Web – 9 May 2022 – Access Sales and Data Leaks
Powered by DarkMirror™
This week’s edition covers the latest dark web news from the past week. Again, rise of ransomware attacks, some database thefts, and stealing customer data, that took their place on the headlines this week. Click here to read the last week’s post.
Find out if your data has been exposed on the deep web.
DATABASE OF KOREAN NEWSPAPER COMPANY IS LEAKED & THE DATABASE IS PUT ON SALE
Korean newspaper company Edaily was hacked and the database of Edaily was put on sale according to the post in a hacker forum monitored by SOCRadar. The post was published on April 29th, 2022, and includes a small sample list of the leaks with a little disclosure: “A big Korean website data, hope you like it / small sample list below:”. The leaks which are customer database mostly includes the e-mail address and the password of them.
DATABASE OF PETERSBURG SOCIAL COMMERCIAL BANK IS LEAKED
SOCRadar noticed a new alleged database leak belonging to the Petersburg Social Commercial Bank on the hacker forum on 28th April 2022. There are 229000 e-mails and 630000 files collected up to 14th April 2022 of the bank system in the forum. Also, if the letter is found on the AML/CFT, there is an announcement of the request to write personally.
ILLEGAL VPN ACCESS SALE FOR A BUSINESS INCUBATOR COMPANY IS DETECTED
Unauthorized VPN access sale was detected on April 28th, 2022, in a hacker forum monitored by SOCRadar. This VPN service belongs to a Business Incubator Company. This post on the forum declares that the type of VPN is Cisco – Any Connect, an integrated agent that provides a variety of security services to let organizations enable and protect themselves. The start, step, flash price, and revenue are also added to the post.
UNAUTHORIZED VPN ACCESS SALE OF RUSSIAN COMPANY IN A HACKER FORUM
SOCRadar detected an unauthorized VPN access sale of a Russian Chemical Companies that operate in the Russian Federation on the hacker forum on 27th April 2022. There is a wire-guard VPN access inside a network of several enterprises in the Russian Federation. This network was scanned by OpenVAS which found devices and servers with old vulnerabilities, access to switches, and other devices with standard passwords. Some of these servers Supermicro have admin access.
PRIVATE SERVER L2Etina IS HACKED and THE CUSTOMER DATABASE IS LEAKED
Customer database of private server site L2Etina (l2etine.com) was leaked, and the database was put on sale on April 27th, 2022. The post on the forum announces that the full dump database and the backup for 6k users are on sale! One part of the alleged database folders’ screenshot is added to the post.
DATABASE OF A SOCIAL MEDIA AND CRYPTO RELATED SITE IS LEAKED
SOCRadar detected a new alleged database leak for a social media and crypto-related site in Tokelau on the hacker forum on 27th April 2022. The leaked database contains various information such as comment list, pay date of users, post list, user group, reply list, lottery results, etc.
Powered by DarkMirror™
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by the targeted country or industry.