Reading:
The Week in Dark Web – 23 July 2021 – Ransomware to Data Theft

The Week in Dark Web – 23 July 2021 – Ransomware to Data Theft

July 23, 2021
Powered by DarkMirror™

This week’s edition covers the latest dark web news from the past week. admin access sale, company database theft, and stealing personal data are on the rise and took their place on the headlines this week. Click here to read the last week’s edition. Here are the details of the major events that took place on the deep web this week:

The New Ransomware Victim of Lockbit 2.0

On July 22, 2021, on the Lockbit 2.0 ransomware group website, SOCRadar detected a post allegedly announcing a ransomware attack that targeted a commercial baker from the UAE. The victim corporation is a long-lasting organization known for serving local bakery products with its revenue of $7 million. According to the ransomware post, the data dump including all available data of the victim corporation will be published on July 29.

Customer Database of One of The Mobile Dating Apps of Saudi Arabia Leaked On The Dark Web

On July 18, 2021, a vendor offered to sell a user database belonging to one of the mobile dating apps in Saudi Arabia on a dark web forum monitored by SOCRadar. The victim organization gives people an opportunity to receive anonymous messages from different people and to date, more than 20 million messages have been sent through the application. While there was no detailed information about the content of the database, the vendor stated the database includes information of over 4 million users.

Database Belonging to The Ministry of Energy of Saudi Arabia For Sale On The Dark Web Marketplace

On July 12, 2021, SOCRadar detected a post allegedly announcing a ransomware attack that targeted an entertainment organization from Mexico on the REvil ransomware group website. Established in 1971, the victim corporation is an international cinema firm with its over 27 thousand employees. The group behind the attack known as REvil is said to be also responsible for last month’s ransomware attack on major companies in the US. If the victim organization would not cooperate with the ransomware group, the ransom gang threatened to sell sensitive information belonging to the entertainment organization.


Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, it is simply not feasible to monitor all sources which can be time-consuming as well as challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by targeted country or industry.