SOCRadar® Cyber Intelligence Inc. | TikTok Breach Claims, Windows 0-Day Exploit, and UK Credit Card Auction Identified
Apr 28, 2025

TikTok Breach Claims, Windows 0-Day Exploit, and UK Credit Card Auction Identified

SOCRadar’s Dark Web Team uncovered several notable threats across hacker forums this week. Among the key findings is an alleged TikTok data breach, with ransom demands tied to nearly one million user records. Additionally, a new Windows local privilege escalation (LPE) 0-day exploit has been advertised for sale, alongside listings for stolen bank logs from a Scottish company and UK-based credit card records. These discoveries illustrate the continued targeting of major platforms, financial institutions, and users across multiple regions.

Alleged Data of TikTok is Leaked

SOCRadar’s Dark Web Team has identified a new alleged data breach affecting TikTok, with claims originating from the R00TK1T threat group. The attackers stated they leaked a sample of 972,000 user records, including emails and passwords, as retaliation against TikTok’s alleged negligence. They have demanded 50 BTC within 48 hours to prevent further exposure, threatening more severe disruptions if ignored.

The claim initially appeared on Telegram and later expanded to various dark web forums. However, R00TK1T’s credibility remains questionable, as the group previously shifted from cyberattacks to offering pentest services and had largely disappeared. Caution is advised when assessing the validity of this alleged breach.

Alleged Windows 0-Day LPE Exploit for Sale

SOCRadar’s Dark Web Team has detected a new alleged 0-Day local privilege escalation (LPE) exploit for Windows being advertised. According to the seller, the exploit affects Windows versions 10 and above. The asking price is $70,000, and the transaction is proposed to be conducted through a guarantor.

Alleged Bank Logs of a Scottish Company for Sale

SOCRadar’s Dark Web Team has detected an alleged sale of bank logs belonging to a Scottish company. The dataset allegedly includes debit card information, ATM PINs, full names, contact details, billing addresses, and other sensitive financial data. The price is set at $2,500, and communication is offered via Telegram.

Alleged 1K Credit Cards Belonging to the United Kingdom are on Sale

SOCRadar’s Dark Web Team has detected an alleged sale of 1,000 credit card records related to individuals in the United Kingdom. The dataset reportedly includes card details along with holder names, addresses, contact information, and email addresses. The sale terms specify a starting price of $2,000, with incremental steps of $500, and a flash sale offer at $5,000. Communication is handled via private messages.

Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible; it is time-consuming and challenging, and a single mistaken click can result in a malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen enables your SOC team to follow the latest posts of threat actors and groups, filtered by targeted country or industry.