The Week in Dark Web – 9 July 2021 – Access and Database

On July 7, 2021, on a dark web forum monitored by SOCRadar, a dark web vendor offered to sell a database containing personally identifiable information belonging to customers of a human capital platform. Jakarta based victim organization is a digital platform connecting the grey-blue collar candidate with jobs. It is not clear how the vendor obtained the database and which size the database was. However, according to the vendor’s claim, the database comprised personally identifiable information belonging to clients of the platform.

An Unauthorized Access for A University from Thailand On Sale

On July 7, 2021, on a dark web forum monitored by SOCRadar, a vendor attempted to sell unauthorized network access for allegedly a university from Thailand. The vendor claimed the victim university has 2000-5000 students and 350 instructors. According to the dark web post, the vendor accessed 9 servers of the university. 3 of these servers were accessed with RDP and there was access to databases, web servers and file transfer protocol servers at the admin level.

Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, it is simply not feasible to monitor all sources which can be time-consuming as well as challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by targeted country or industry.