SOCRadar® Cyber Intelligence Inc. | The Week in Dark Web – 11 October 2021 – Rise of Ransomware Attacks


Oct 11, 2021


Powered by DarkMirror™

This week’s edition covers the latest dark web news from the past week. Once again, a rise in ransomware attacks, database thefts, and stolen customer data made the headlines.


User Database of a Digital Game Distribution Giant Leaked On The Dark Web

On October 9, on a dark web forum monitored by SOCRadar, a vendor claimed to have a user database allegedly belonging to a digital distribution platform that operates globally. The victim platform is used to purchase and play games. According to the dark web post, the shared database contains 2.3 GB of data, including full names, emails, phone numbers, and passwords.

Unauthorized Access Sale Detected For a Law Firm From Europe On The Dark Web

On October 7, on a dark web forum monitored by SOCRadar, a vendor attempted to sell unauthorized access allegedly to a law firm from Europe. The dark web vendor claimed that the buyer would have admin access with share rights to the victim firm’s servers. The vendor also stated that the admin access could permit obtaining documents, PDFs, Excel files, and emails belonging to the firm.

The New Ransomware Victim of Pysa

On October 7, the SOCRadar team detected a post on the Pysa ransomware group website allegedly announcing a ransomware attack that targeted a fashion firm from Canada. Established in Vancouver, the victim corporation is a children’s fashion shop catering to newborns up to 14 years old, with a revenue of $1.3 million. The group behind the attack, Pysa, is also responsible for last month’s ransomware attack on the education industry.

RDP Access Sale Detected For An Automotive Company from Qatar

On October 6, on a dark web forum monitored by SOCRadar, a dark web vendor offered to sell Remote Desktop Protocol (RDP) access allegedly for a management company from London. According to the vendor, the buyer would have access to web servers and databases. The vendor also stated that the victim firm has a revenue of $14 million and has been providing management solutions for many years.

Phone Number Database for Ukraine Allegedly Put For Sale On The Dark Web

On September 21, on a dark web forum monitored by SOCRadar, a vendor offered to sell a phone number database allegedly belonging to Ukrainian citizens. While the dark web vendor did not give any details about how the database was obtained, the surfaced database contained 4 million phone numbers. The vendor also stated that the database is up to date and that 90% of the phone numbers in it are active.

Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring every source is simply not feasible: it is time-consuming as well as challenging, and a single mistaken click can result in a malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to keep up with the latest posts of threat actors and groups, filtered by targeted country or industry.