Powered by DarkMirror™
This week’s edition covers the latest dark web news from the past week. Admin access sales, company database theft, and personal data theft are on the rise and made the headlines this week. Here are the details of the major events that took place on the deep web this week:
Customer Database of an Indonesian Company is Leaked On the Dark Web
On May 20, 2021, a vendor offered to share a database belonging to an Indonesian company on a dark web forum monitored by SOCRadar. While there is no detail about the victim company, the vendor claimed to have information on over 3000 users and various tables of the firm. Further, the vendor shared a raw SQL sample to prove the database content.
PII of 221 Thousand Indonesian Citizens For Sale On the Dark Web Marketplace
On May 19, 2021, a vendor attempted to sell a database containing personally identifiable information (PII) of 221 thousand Indonesian citizens on a dark web forum monitored by SOCRadar. The vendor, having seized information from the ID cards of the victim citizens, put the database on sale for 0.1 BTC. Although it was not clear how the database had been obtained, the vendor asserted that it contained full names, photos, addresses and various other PII in bcrypt format.
Looking for Leaked Information of the UAE and Malaysia On the Dark Web
On May 18, 2021, a threat actor posted a thread looking for leaked information on the UAE and Malaysia on a dark web forum tracked by SOCRadar. According to the dark web post, the buyer was looking to obtain various data belonging to firms or citizens of the UAE or Malaysia. The desired information was related to airports, banks, hotels, insurance companies or mobile operators.
Unauthorized Webmin Root Access Sale Detected for a Saudi Arabian Company On the Dark Web
On May 14, 2021, on a dark web forum monitored by SOCRadar, a vendor put up for sale unauthorized Webmin root access, allegedly to a Saudi Arabian company. According to the vendor’s claim, the victim company is engaged in the delivery of gas and petrochemical products and has a revenue of $16.4 million. The vendor also stated that the Webmin root access on sale was for the mobile application of the company and that it comprised 12.5 GB of data.
Sensitive Documents of a Company Operating in the UAE Dumped On the Deep Web
On May 18, 2021, on a dark web forum monitored by SOCRadar, a document database sale was detected for a company from the UAE. The dark web vendor claimed to have 850 files totaling 1 GB in the database, including ID cards, passports, resumes and various sensitive documents. While there is no other information available about the company and the database, according to a SOCRadar analyst these files can be used for different social engineering attacks such as phishing.
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible: it is time-consuming as well as challenging, and one mistaken click can result in a malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to keep up with the latest posts of threat actors and groups, filtered by targeted country or industry.