SOCRadar® Cyber Intelligence Inc. | The Week in Dark Web – 23 August 2022 – Access Sales and Data Leaks


Aug 23, 2022
4 Mins Read

The Week in Dark Web – 23 August 2022 – Access Sales and Data Leaks

Powered by DarkMirror™

This week’s edition covers the latest dark web news from the past week. This week’s headlines are government leaks, dark web access sales, and vast databases of user information.

Find out if your data has been exposed on the deep web.

Receive a Free Deep Web Report for Your Organization

Leak of Russian Ministry of Defense in a Hacker Forum

On 19 August, a notice for selling a new alleged database belonging to the Russian Ministry of Defense was published in a hacker forum. The vendor calls the leak “Operation Ruble” and states some leaks would be sold and some would be free to access. Interestingly the vendor says there are phone numbers used by Russian Ministry of Defense Chief Sergei Shoigu. 

Leaked Database of French Consumers

In a hacker forum monitored by SOCRadar, a database sale contains 9 million French citizens. The post claims at least 1+ million of the leaked contracts have IBAN information. Also, half of the leaked data was the mobile phone number of the citizens. 

Unauthorized Network Access Sale of an Energy Company 

SOCRadar detected an unauthorized network access sale of an Energy Company that operates in India on a hacker forum on 19 August 2022. The sale includes an admin account of the network domain. The vendor claims the company has a revenue of $158 million, and the company operates a gas-based power station.

Database of Armed Forces of Philippines and MBDA Missile System is on Sale

SOCRadar noticed a new alleged database of the Philippines Armed Forces and MBDA Missile System on 18 August. The post states individual prices would be announced later, but all the leak files can be bought once for 1BTC. The total leak file has a size of 70GB.

Unauthorized RDP Access Sale of 700 Chinese Office Systems with Permissions 

On 17 August, a dark web vendor attempted to sell unauthorized RDP access for 700 Chinese organizations on a dark web forum monitored by SOCRadar. The deep web vendor claimed that the victims are governmental and corporate-originated organizations. The vendor also claims that the accesses can be used for data extortion or ransomware purposes.

Database of Shanghai Police is Leaked & Selling for 8BTC

On 9 August, a dark web vendor put the complete Shanghai Police database, including 1.2 billion records, for sale in a hacker forum monitored by SOCRadar. According to the vendor, the database contains 980 million citizens’ information and a 400GB food order table. The vendor offers a guarantor service for the sale. The post also includes the start, step, and flash values and the ending time of the bid.

Vietnamese Citizens’ Database Leak 

On 9 August, a database leak of Vietnamese citizens was spotted by SOCRadar. The post claims almost 7 million citizens’ information has been leaked. The database contains ID, name, gender, birthday, phone number, job, and address information. The vendor states that the breach is from May 2022. 

Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by the targeted country or industry.