Blog

Latest articles from SOCRadar

May 20, 2022

Deep Web Profile: Karakurt Extortion Group

Karakurt, a Russian-originated cybercriminal organization, has extorted sensitive data from nearly 40 different organizations within a year. So what is the cause of the group's "success," and who are they? Karakurt: A Ransomware Gang or… Continue Reading

May 13, 2022

What is the RaidForums?

RaidForums was launched in 2015 by Diogo Santos Coelho of Portugal, aka Omnipotent. Cybercriminals made extensive use of the RaidForums hacker site to obtain and sell stolen datasets. The forum represented a database sharing and marketplace forum,… Continue Reading

May 9, 2022

The Week in Dark Web – 9 May 2022 – Access Sales and Data Leaks

Powered by DarkMirror™. This week’s edition covers the latest dark web news from the past week. Again, a rise in ransomware attacks, some database thefts, and customer data theft took their place in the headlines… Continue Reading

April 25, 2022

The Week in Dark Web – 25 April 2022 – Access Sales and Data Leaks

Powered by DarkMirror™. This week’s edition covers the latest dark web news from the past week. Again, a rise in ransomware attacks, some database thefts, and customer data theft took their place in the headlines… Continue Reading

April 20, 2022

Deep Web Profile: AgainstTheWest / BlueHornet [Part 2]

As explained in the first part, the famous leak group AgainstTheWest/BlueHornet decided to shut down their operations after their unsuccessful private forum attempt. Still, two significant incidents had crucial effects on their decision: the shutdown of RaidForums on… Continue Reading

April 18, 2022

The Week in Dark Web – 18 April 2022 – Access Sales and Data Leaks

Powered by DarkMirror™. This week’s edition covers the latest dark web news from the past week. Again, a rise in ransomware attacks, some database thefts, and customer data theft took their place in the headlines… Continue Reading

April 15, 2022

Deep Web Profile: AgainstTheWest / BlueHornet [Part 1]

In October 2021, a new leak group emerged on RaidForums with the handle AgainstTheWest. They started actively targeting major organizations and state-affiliated corporations in China. Part 1: The Birth of AgainstTheWest. Their fame grew… Continue Reading

April 14, 2022

‘Fullz,’ ‘Dumps,’ and More: What do Hackers Sell on the Black Market?

It’s easy to appreciate the importance hackers place on stolen bank accounts, credit cards, and social security numbers. Each of those products is a component of the ordinary person’s financial life. Its easy conversion to… Continue Reading

April 14, 2022

The Top 10 Dark Web Telegram Chat Groups and Channels

After WhatsApp's privacy policy scandal in January 2021, Telegram became one of the trending apps to replace WhatsApp because of its privacy policy. This situation makes Telegram more popular than ever before! Due to… Continue Reading

April 12, 2022

What is Malware as a service (MaaS)?

Over time, the hacker underworld has created a model similar to Software-as-a-Service (SaaS). Malware as a service and SaaS serve a similar function with one main difference: MaaS is an unlawful version of SaaS. MaaS gives… Continue Reading

April 12, 2022

Is Nginx Zero-Day RCE Vulnerability False Alarm?

On Saturday, April 9, a post from the Twitter account BlueHornet, which is associated with the group AgainstTheWest, announced that there was a zero-day RCE vulnerability for the web server Nginx version 1.18. The threat… Continue Reading

April 11, 2022

Android Banking Malware Octo Allows Remote Control on Infected Devices

A banking trojan named Octo, downloaded from the Google Play Store and targeting banks and financial institutions, has been discovered. It is thought to have been downloaded more than 50,000 times. Expressed as a new version… Continue Reading

April 6, 2022

Lockbit 3.0: Another Upgrade to World’s Most Active Ransomware

The Lockbit ransomware gang, also known as Bitwise Spider, are the cybercriminal masterminds behind the popular Lockbit Ransomware-as-a-Service. They are one of the most active ransomware gangs, generally claiming multiple victims per day, sometimes more. On… Continue Reading

April 4, 2022

New Remote Access Trojan (RAT) named Borat on the Darknet Markets

Threat actors are developing more advanced attack techniques every day. They even help non-technical attackers by publishing toolkits. With these toolkits, anyone can easily access victims' systems remotely, perform DDoS attacks or deploy ransomware. Borat,… Continue Reading

March 31, 2022

What Cyber Security Experts Think: How to Make Money on the Dark Web?

People increasingly purchase and sell items in the Internet's most obscure corners. Amazon, Shopify, Walmart, and eBay are all well-known e-commerce platforms. These are frequently the first internet stores where we purchase our goods. However,… Continue Reading

March 31, 2022

Dark Web Profile: Lapsus$ Extortion Group

The Lapsus$ group, which started its activities a short time ago, managed to attract the whole world's attention. With their high-profile targets and unconventional tactics and methods, are we just facing a "new player in… Continue Reading

March 30, 2022

Is Lapsus$ Extortion Group “Officially Back from Vacation”?

The Lapsus$ group announced that they would be on vacation until March 30 after the notorious Okta attack. In the early hours of yesterday morning, the threat actor announced that they were "officially back from… Continue Reading

March 28, 2022

The Week in Dark Web – 28 March 2022 – Access Sales and Data Leaks

Powered by DarkMirror™. This week’s edition covers the latest dark web news from the past week. Again, a rise in ransomware attacks, some database thefts, and customer data theft took their place in the headlines… Continue Reading

March 25, 2022

How to Identify Spear Phishing?

Successful spear phishing accounts for up to 95 percent of all attacks on enterprise networks. Because of the proliferation of COVID-19, attacks escalated in 2020, with hackers preying on stay-at-home workers who aren't protected by… Continue Reading

March 25, 2022

Automotive Industry Under Ransomware Attacks

Although the automotive industry has begun to digitalize its manufacturing facilities, most businesses still treat cybersecurity as an afterthought. According to a recent analysis on threat trends, about half of the top 100 manufacturers are… Continue Reading
