SOCRadar® Cyber Intelligence Inc. | The Week in Dark Web – 26 September 2022 – Access Sales and Data Leaks


Sep 26, 2022
2 Mins Read

The Week in Dark Web – 26 September 2022 – Access Sales and Data Leaks

Powered by DarkMirror™

Threat actors threaten organizations by selling databases containing sensitive data and accesses that could pave the way for potential attacks. Here is the summary of this past week.

Find out if your data has been exposed on the deep web.

Receive a Free Deep Web Report for Your Organization

Database of Russian Federal Bailiff Service is Leaked 

On 22 September 2022, a database leak was posted in a hacker forum that the SOCRadar regularly monitors. The database contains 8.4 million lines of information. The victim organization is Russian FSSP, the country’s official bailiff service.

Unauthorized Network Access Sales of Indian Government 

On 26 September, a hacker forum monitored by SOCRadar Analysts shared multiple network accesses for sale. The threat actor claims networks are related to different ministries of the Indian Government, including the ministry of finance and defense. Each network is sold separately, highlighting the access type and user.

Multiple Network Access Sales in One Post 

SOCRadar detected a new alleged authorized network access sale post in a hacker forum on 21 September 2022. The threat actors share 17 unauthorized network accesses in a post. Each network, including country and industry information, is sold separately. Also, access type and bypassed security system information are shared in the post. 

Database of an E-Trading Company Leaked 

On 21 September, a notice for selling a new database belonging to an e-trading company headquartered in Russia. The leak contains the information of 3. 7 million users’ personal information and IP addresses.

Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by the targeted country or industry.