Reading:
The Week in Dark Web – 25 June 2021 – Threat Actor Syndicate

The Week in Dark Web – 25 June 2021 – Threat Actor Syndicate

June 25, 2021
Powered by DarkMirror™

This week’s edition covers the latest dark web news from the past week. admin access sale, company database theft, and stealing personal data are on the rise and took their place on the headlines this week. Click here to read the last week’s edition. Here are the details of the major events that took place on the deep web this week:

The New Ransomware Victim of Babuk

On June 21, 2021, on the Babuk ransomware group website, SOCRadar detected a post allegedly announcing a ransomware attack that targeted a computer supplier firm from Saudi Arabia. The victim corporation is a long-lasting organization providing technologic and implemented IT solutions in Saudi Arabia. According to the ransomware post, the data dump has 495 GB of sensitive information including the full email archives.

Unauthorized VPN-RDP Access Sale Detected for an Enterprise from The UAE on The Dark Web

On June 21, 2021, on a dark web forum monitored by SOCRadar, a vendor attempted to sell unauthorized VPN-RDP access allegedly for a bakery operating in the UAE. According to the vendor’s claim, the victim enterprise has a revenue of over $8 million. The vendor also stated that the VPN-RDP access was at the admin level.

A Database Including PII of 80 Million Indonesian Citizens for Sale on The Dark Web

On June 22, 2021, on a dark web forum monitored by SOCRadar, a dark web vendor offered to sell a database containing personally identifiable information belonging to Indonesian citizens. There is no information about how the vendor obtained the database. However, according to the vendor’s claim, the database comprises full names, addresses and various sensitive information of over 80 million citizens.

Database of An Energy Giant from Saudi Arabian for Sale on The Dark Web Marketplace

On June 24, 2021, a vendor put a database belonging to a Saudi Arabian energy giant for sale on a dark web forum monitored by SOCRadar. The victim organization is engaged in delivery of gas and petrochemical products with a revenue of $230 billion. The vendor claimed to have 1 TB of data including project specifications, analysis reports, agreements and various documents. It is also stated that the database contains personally identifiable information (PII) of the company’s clients.


Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, it is simply not feasible to monitor all sources which can be time-consuming as well as challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by targeted country or industry.