SOCRadar® Cyber Intelligence Inc. | The Week in Dark Web – 16 May 2022 – Access Sales and Data Leaks


May 16, 2022
3 Mins Read

The Week in Dark Web – 16 May 2022 – Access Sales and Data Leaks

Powered by DarkMirror™

This week’s edition covers the latest dark web news from the past week. Again, rise of ransomware attacks, some database thefts, and stealing customer data, that took their place on the headlines this week. Click here to read the last weeks post.

Find out if your data has been exposed on the deep web.

Receive a Free Deep Web Report for Your Organization

Database Lekage of Tele2, Beeline, MTS, Megafon Is On Sale

On 12 May 2022, SOCRadar noticed a new alleged Russian phone operators’ database sale for Tele2, Beeline, MTS, and Megafon in the hacker forum. This database includes victims’ names, emails, phone numbers, city/region, time zone, and gender. Cybercriminals offer $25 for every 10k leads on the forum to users who can contact them at the telegram address.

Puerto Rico Companies are Hacked and the Database is Leaked

On 11st May 2022, an announcement was posted in a hacker forum that the SOCRadar keeps eye on. This post announced a new database leak for companies in Puerto Rico. Moreover, the database consists of 90,560 lines with text type of file. However, the content of the leak, what the database serves and the price for the leak weren’t mentioned in the post.

Unauthorized Network Access Sale For a Colombian Company

SOCRadar detected a new alleged authorized network access sale for a company that operates in Colombia on the hacker forum on 5 May 2022. This authorized network access is on sale for $700 million.

Cloud Access for a Mining Company based on Brasil is Captured and Put on Sale

In the same week, on 11st May, another unauthorized access was announced on the post in a hacker forum. This was an access to Citrix belonging to Fiemg which makes a significant contribution to the mining sector, with the goal of sustaining and increasing its competitiveness based on Brazil. While announcement about the access sale was done in the post, the basic information of the company such as number of the employees, revenue of the company, access type also shared with the potential buyers. The price for accessing the layers of the cloud system is also determined and shared via the post. Server, application, and desktop virtualization, networking, software as a service, and cloud computing technologies are all provided by this cloud computing and virtualization technology business which is based on USA. (Source: All in one Workspace Solution for Secure Access to Apps and Data)

Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by the targeted country or industry.