The Week in Dark Web – 19 December 2022 – Access Sales and Leaks
Powered by DarkMirror™
Threat actors are always searching for something they can profit from, whether the target is a government institution or a company in any industry. The most valuable thing for them is personal data, even when it is outdated.
Last week, cybercriminals continued to seek financial gain from organizations’ sensitive data, sometimes by selling access and sometimes by selling the data itself.
Here’s what happened on the dark web.
Sensitive Documents of NYPD are Leaked
The SOCRadar Dark Web team found that some New York Police Department documents were leaked on 15 December. One of these documents is a database of officers’ personal information, and the other is a .docx file containing user names.
Chinese Citizens’ Database is for Sale
On 15 December, SOCRadar found a database containing information about Chinese stock customers. The database contains stock trade transaction data and personally identifiable information about customers. Instead of naming a price, the vendors direct interested parties to contact them by message.
Unauthorized Access Sale for an American Pharmacy Company
The SOCRadar Dark Web team has found a post related to an unauthorized access sale for an American pharmacy. The access is on sale for $500, and the vendor also wants a guarantor service. What makes this post interesting is that the vendor specifically tells CTI and InfoSec to “go away” and even names a specific cybersecurity firm in the post.
Unauthorized Access Sale for an Italian Company
On 15 December, the SOCRadar Dark Web team found a forum post about unauthorized VPN user access to an Italian retail company. The vendors of the post claim that the victim company has a turnover of more than $100 million and retails household goods. The network has over 700 devices, and the post states that it is unknown whether an anti-virus program is present. The access is being auctioned with a start price of $1500, a step of $500, and a blitz price of $3000.
Unauthorized Access Sale for a Spanish Company
On 13 December, the SOCRadar Dark Web team found a forum post about unauthorized RDP access to a Spanish optical store. The vendors claim that the victim store has a revenue of €500 million and has international sales channels. The price for access is $1000.
Powered by DarkMirror™
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible: it is time-consuming and challenging, and a single mistaken click can result in a malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow the latest posts of threat actors and groups, filtered by the targeted country or industry.