Powered by DarkMirror™
This week’s edition covers the latest dark web news from the past week. Admin access sales, company database theft, and personal data theft are on the rise and made the headlines this week. Here are the details of the major events that took place on the deep web this week:
Database Belonging to An Automotive Parts Store From Saudi Arabia Dumped On The Dark Web
On August 9, 2021, a vendor attempted to sell a database belonging to an automotive parts store from Saudi Arabia on a dark web forum monitored by SOCRadar. The victim company imports and sells spare parts for rare sports cars in Saudi Arabia. The vendor claimed to have 2.3 GB of customer information and financial data belonging to the firm.
New Victim of The LockBit 2.0 Ransomware
On August 11, 2021, SOCRadar detected a post on the LockBit 2.0 ransomware group website allegedly announcing a ransomware attack that targeted a petrochemical organization from Indonesia. Established in Jakarta, the victim corporation controls the construction and operations of a regasification terminal project in West Java and provides gas storage, transportation, procurement, and sales, with revenue of over $35 million. The group behind the attack, known as LockBit 2.0, is also responsible for last month’s ransomware attack on Accenture, and the victim firm tied up in $50 million. The ransomware gang threatened to leak banking data, licenses, certificates, agreements, contracts and similar sensitive information belonging to the victim organization if it did not cooperate with the group.
Database of The Saudi Arabia Government Allegedly Put For Sale On The Dark Web
On August 9, 2021, a vendor put a database belonging to the Saudi Arabia Government up for sale on a dark web forum monitored by SOCRadar. The dark web vendor claimed to have infiltrated the government’s computer system and to hold the citizen database of 17 cities in Saudi Arabia. Further, according to the dark web post, the vendor offered to sell personally identifiable information (PII), including full names, phone numbers and addresses, belonging to more than 2000 officials of the state.
User Database of a Medical Platform From Ukraine Leaked On The Dark Web
On August 13, 2021, a vendor offered to share a database belonging to an online medical platform from Ukraine on a dark web forum monitored by SOCRadar. The Kiev-based victim organization helps its users compare top clinics and professionals worldwide, and it has a revenue of $5 million. The vendor claimed to have names, addresses and various personally identifiable information (PII) of users, as well as log data.
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible: it is time-consuming as well as challenging, and a single mistaken click can result in a malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow the latest posts of threat actors and groups, filtered by targeted country or industry.