Dark Web Sales: E-Commerce and Crypto Wallets’ Databases, Fortinet Access in US, UK Credit Cards
Embarking on a relentless pursuit of the shadows, the SOCRadar Dark Web Team brings to light a series of alarming cyber incidents. From a massive e-commerce data sale to the unauthorized access threats targeting Western companies, join us as we navigate the intricate web of data breaches, crypto wallets’ database sale, and illicit access auctions that underscore the ever-growing threats to digital security.
Find out if your data has been exposed.
5.5 Million Lines of E-Commerce Data on Sale
A new database sale involving e-commerce customer data has been detected on a hacker forum. This substantial database contains over 5 million lines of data, amounting to 1.4GB in MySQL format. The leaked data, dated August 2023, encompasses personal information, including user IDs, email addresses, encrypted passwords, names, addresses, birthdays, and contact details. The leak includes IP addresses for every entry, raising significant privacy concerns.
Crypto Wallets and Gambling Databases Marketed
In another alarming incident, databases linked to crypto wallets and gambling sites are being sold. These databases reportedly originate from various crypto platforms and gambling websites, including Coinbase, Binance, and Stake.com. The seller claims these are not leaks but rather collections of verified and active emails spanning 2022-2023. The volume of data is significant, with 1.5 million lines from gambling sites and 800,000 from crypto wallets.
Unauthorized RDP Access Sales for Western Companies
There’s a troubling trend in unauthorized Remote Desktop Protocol (RDP) access sales targeting US, Canadian, and European companies. The forum post advertises local and domain admin access with varying prices based on the company’s revenue, signaling a severe security threat for businesses operating in these regions.
Unauthorized Fortinet Access Sale for a US Company
A notable instance of unauthorized access sale involves a US company’s Forti products. This case is particularly concerning due to the popularity of Fortinet products and their known vulnerabilities, as detailed in a previous SOCRadar blog. The seller is auctioning off access to over 500 products of a high-revenue company, with bids starting at $20,000 and a percentage demand on the final deal.
Sale of 2,500 UK Credit Cards
Lastly, a seller claims ownership of 2,500 UK credit cards, presumably obtained through spamming activities. The cards are said to have a 40% validity rate and are being sold for $2.5 each. The seller is open to escrow deals and provides a sample to serious buyers, showcasing a disturbing trend in the commodification of financial data.
Powered by DarkMirror™
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by the targeted country or industry.