Powered by DarkMirror™
This week’s edition covers the latest dark web news from the past week. Admin access sales, company database theft, and personal data theft are on the rise and made the headlines this week. Here are the details of the major events that took place on the deep web this week:
The New Victim of Conti Ransomware
On August 25, 2021, SOCRadar detected a post on the Conti ransomware group's website allegedly announcing a ransomware attack that targeted a real estate firm from Indonesia. The Jakarta-based victim corporation is a long-established organization that offers real estate services to different industries and has revenue of $478 million. According to the ransomware post, the ransomware group would publish all available information belonging to the company.
Live Maps with Documents Belonging to a Car Rental Company From The UAE On Sale
On August 27, 2021, a vendor put a database allegedly belonging to a car rental company from the UAE up for sale on a dark web forum monitored by SOCRadar. The victim organization is engaged in local car rental in Dubai. While it is not clear how the database was obtained, the vendor claimed to have documents and personally identifiable information (PII) of 2300 people, including the company’s clients and executives.
Unauthorized Network Access Sale is Detected For an Indonesian Shop On The Dark Web Marketplace
On August 22, 2021, on a dark web forum monitored by SOCRadar, a vendor attempted to sell unauthorized access allegedly to an online platform from Indonesia. The dark web vendor claimed that the victim platform is engaged in the cosmetics business and has over 9 thousand users. The vendor also stated that the buyer would have admin access to the victim platform’s system and that there was a database including full names, addresses, emails and various personally identifiable information (PII) belonging to the users.
Customer Database of a Finance Company From Singapore On Sale On The Dark Web
On August 27, 2021, a vendor offered to sell a database allegedly belonging to a financial institution from Singapore on a dark web forum monitored by SOCRadar. While the dark web vendor did not give any details about the victim organization, the surfaced details contained full names, addresses, phone numbers and various personally identifiable information (PII) of over 3000 customers. The vendor put the database up for sale for $2500 in BTC or USDT.
Unauthorized Network Access Sale is Detected for a Kuwait Educational Institution
On August 26, 2021, on a dark web forum monitored by SOCRadar, a vendor attempted to sell unauthorized access allegedly to an educational organization from Kuwait. According to the dark web post, the victim organization is a private sector college in Kuwait that is committed to developing an extensive network with universities and other institutions around the world. The vendor claimed to have VPN and RDP access to the institution’s system and that there were more than 14 thousand accounts in the system.
Powered by DarkMirror™
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, it is simply not feasible to monitor all sources, a task that is time-consuming as well as challenging. A single mistaken click can result in a malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to keep up with the latest posts of threat actors and groups, filtered by targeted country or industry.