Reading:
The Week in Dark Web – 25 April 2022 – Access Sales and Data Leaks

The Week in Dark Web – 25 April 2022 – Access Sales and Data Leaks

April 25, 2022
Powered by DarkMirror™

This week’s edition covers the latest dark web news from the past week. Again, rise of ransomware attacks, some database thefts, and stealing customer data, that took their place on the headlines this week. Click here to read the last weeks post.

Find out if your data has been exposed on the deep web.

Receive a Free Deep Web Report for Your Organization

Leaks of Russian Food Delivery Service and The Customer Database is Put On Sale

A Russian food delivery service, Buffet24.ru originated in Krasnoyarsk, was hacked on 20 April, including the customer data such as user name, phone numbers, addresses, type of the payment, and other preferences belonging to the customer were leaked. The database leaks covering the period 2017-2022 are priced at 81k. As a result of observation by SOCRadar, the attacker sharing this announcement also shares samples and accessible links for the leaks in a hacker forum.

Database and Vulnerability of Kla Corporation are Put on Sale by Hackers

On 20 April, a notice for selling a new alleged database and vulnerability belonging to KLA Corporation was published in a hacker forum. This selling announcement includes some loggings directly from KLA Corporation and KLA’s vulnerabilities. The name, e-mail, and password information of 1,858 users were leaked.

Login Informations and Vulnerability of Unvision are on Sale

On 19 April, SOCRadar noticed that the hacker forum’s login information and vulnerability were sold. Login information and vulnerability belonged to Univision. The hacker forum has 29 admin users.

Database of Phone Lines from the U.S. Has Leaked

On 19 April, SOCRadar noticed that a new alleged phones database was leaked. This database leak is detected for United States. Phones databases from more than 183 millions of lines include full name, full address, phone, mail, gender, carrier of victims.


Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by the targeted country or industry.