The Week in Dark Web – February 5, 2023 – Access Sales and Data Leaks
Powered by DarkMirror™
Threat actors can weaponize even the smallest scraps of information in large-scale attacks. This is why dark web posts that expose personal information, such as data leaks and account and access sales, can be critical. The effects are much broader when this information belongs to C-level executives or other people with significant influence.
SOCRadar regularly scans the surface and dark web to deliver the most contextual cyber threat intelligence. Here’s what hit our radar last week.
Unauthorized Admin Access Sale Detected for an Italian Clothing Store
On January 29, the SOCRadar dark web team detected an unauthorized admin access sale for a popular Italian clothing store. The post claims that the store has 6000-8000 purchases monthly, so it is highly possible that the access exposes the credit card credentials of that many customers. The access is being auctioned for $5000.
Remote Access Trojan for Android is Shared
On January 31, SOCRadar detected a post on a dark web forum that shared a cracked version of EverSpy v2, a Remote Access Trojan (RAT). The post highlights the updates compared to the prior version and includes a link to the RAT.
American Business People Data is Shared
The SOCRadar dark web team detected a post sharing a database of 19.7 million US business people, which stems from a third-party vendor's data exposure in 2011. The database includes personally identifiable information and professional information about the victims. However, it is clear that the leak is not new. Already exposed databases are often reposted on the dark web for various reasons.
Credit Cards of US Citizens for Sale
SOCRadar detected a post selling credit card credentials of US citizens. The seller claims that the cards have 80% validity and prices them higher than average, which suggests that the card information was probably obtained recently.
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is time-consuming and challenging, and simply not feasible for most teams. A single mistaken click can result in a malware bot infection. To tackle these challenges, SOCRadar's DarkMirror™ screen empowers your SOC team to follow the latest posts of threat actors and groups, filtered by targeted country or industry.