Alarming Increase of Access Sales in the Dark Web
The SOCRadar Dark Web Team has revealed an alarming increase in the sales of unauthorized network access to a myriad of companies in the previous week. From research centers to online retail platforms, no sector seems immune to cyber threats.
Join us as we delve into the ominous landscape of the dark web to unravel the details behind this unsettling surge in access sales.
Unauthorized Network Accesses for Multiple Companies
A sale of unauthorized network accesses to various companies has been detected on a hacker forum. This package includes access to 28 IPs, spanning multiple industries such as probation offices, cloud services, and transportation/construction companies in the USA and Spanish-speaking countries like Mexico and Peru. The access levels vary, with some offering root/admin privileges and others at lower levels with the possibility of escalation. The starting bid for this extensive access package is $450, with the option of escrow or a free trial before payment.
Network Access Sales for Numerous Shops
Similarly, unauthorized network access to various shops has been offered for sale. The list includes diverse shops from different countries with varying numbers of orders processed last month. The starting bid for these accesses is set at a modest $50, escalating in $50 increments, with a blitz price of $200. This sale highlights the vulnerability of online retail platforms to unauthorized access and potential data breaches.
American Exchange Server Admin Access on Sale
A sale of unauthorized admin access to an exchange server belonging to an American research center has been identified. Priced at $1,500, this access offers control over an exchange server, a critical component in enterprise communication networks. The sale of such access poses significant risks to the integrity and confidentiality of the research center’s communications and data.
Building Materials Manufacturer in the U.S. Compromised
A network access sale involving a U.S.-based building materials manufacturing company has been detected. The company, with revenues exceeding $32.5 billion, is exposed through unauthorized VPN and RDP access. The sale includes access to a vast network of 25,000 hosts and 350 on-premise Windows servers. The seller demands 0.5 bitcoins and offers guidance for successful exploitation, indicating a severe corporate network security breach.
Casino Management Company RDP Access for Sale
An alarming sale of unauthorized RDP access to a casino management system operating in European countries, including Serbia, Bulgaria, Albania, and Georgia, has been reported. The access encompasses Windows Servers hosting gaming machines, applications, and real-time data. Additionally, the sale offers database and device credentials (MikroTik, TP-Link, Synology) at a negotiable price per server/database/credential. The potential breach of such sensitive data and systems in the gambling industry raises significant security and privacy concerns.
Powered by DarkMirror™
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is time-consuming and challenging, and is simply not feasible. A single mistaken click can result in a malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow the latest posts of threat actors and groups, filtered by targeted country or industry.