The Week in Dark Web – 7 November 2022 – Data Leaks and Access Sales
Powered by DarkMirror™
Threat actors continued to sell databases and access to organizations’ systems on hacker forums last week. Check out the latest dark web summary and see what’s happening on the dark side.
Find out if your data has been exposed on the deep web.
Customer Database of Vietnamese Aviation Company is for Sale
SOCRadar Dark Web researchers have found a database sale about Vietnamese aviation company customers related to a data breach that occurred in the past months. The vendor claims that the database includes 6.2 million lines of information. Also, the vendor mentions a specific middleman account to use escrow service for the transaction/s. The price of the database is $8.000 for multiple sales. However, the vendor addresses that one can pay $30.000 to buy the database to keep the only copy.
A Hacker Gained Unauthorized Admin Access to Indonesian Ministry of Finance Requests Help
On 2 November, threat actors shared a post on a hacker forum that the SOCRadar Dark Web team keeps an eye on. On the post, a hacker shared images in the Indonesian Ministry of Finance and stated that s/he could not understand what to do and needed a user with a higher reputation to help. The post is also shared as hidden content to restrict the post’s visibility in the forum.
Iraqi Cyber Crime Records are Leaked
On 1 November, SOCRadar researchers found a leaked database belonging to Iraqi authorities. The database is about cybercriminal records in Iraq and composes of three different files. Since the post does not include any further information, one cannot be sure whether this leak can be described as an act of hacktivism or shared for reputational purposes only.
Database of a Russian Retailer is Leaked
On 30 October, a database containing 17 million users’ information was leaked on a forum. The database belongs to a Russian retailer, and the leak originates from a data breach that occurred in June 2019. Leaks like that can sometimes be re-shared by users in hacker forums to improve the reputation of their accounts.
Powered by DarkMirror™
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by the targeted country or industry.