Deep Web

Pierluigi Paganini May 08, 2023
Money Message gang leaked private code signing keys from MSI data breach

The ransomware gang behind the attack on Taiwanese PC maker MSI leaked the company’s private code signing keys on their darkweb leak site. In early April, the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards […]

Pierluigi Paganini May 02, 2023
SpecTor operation: 288 individuals arrested in the seizure of marketplace Monopoly Market

International law enforcement operation SpecTor resulted in the seizure of an online marketplace and the arrest of nearly 300 people. In an international law enforcement operation coordinated by Europol, codenamed ‘SpecTor’, the police seized the illegal dark web marketplace ‘Monopoly Market.’ The law enforcement agencies from nine countries (Austria, France, Germany, the Netherlands, Poland, Brazil, […]

Pierluigi Paganini April 24, 2023
EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. Fortinet FortiGuard Labs researchers discovered a new “all-in-one” info stealer for Windows, dubbed EvilExtractor (sometimes spelled Evil Extractor) that is available for sale on dark web cybercrime forums. EvilExtractor is a modular info-stealer, it exfiltrates […]

Pierluigi Paganini April 05, 2023
STYX Marketplace emerged in Dark Web focused on Financial Fraud

Resecurity has recently identified the STYX Marketplace, a new cybercriminal e-commerce platform with a specialized focus on financial fraud and money laundering. The STYX marketplace was launched at the beginning of 2023. This platform is specifically designed to facilitate financial crime, providing cybercriminals with a range of services, including stolen financial data, credit card information, […]

Pierluigi Paganini March 04, 2023
BidenCash leaks 2.1M stolen credit/debit cards

The dark web carding site BidenCash recently leaked for free a collection of approximately 2 million stolen payment card numbers. An archive containing 2.1 million stolen payment card numbers is available for free to commemorate the anniversary of the dark web carding site BidenCash. The dump was released on February 28, it was published through […]

Pierluigi Paganini January 12, 2023
Threat actors claim access to Telegram servers through insiders

Researchers reported that a threat actor claims to provide access to internal servers at Telegram for $20,000. SafetyDetectives reported that a member of a dark web marketplace is claiming to provide access to internal servers at Telegram for $20,000. The seller claims that the access is permanent because is provided by insiders that are staff […]

Pierluigi Paganini January 09, 2023
Resecurity Released a Status Report on Drug Trafficking in the Dark Web (2022-2023)

Cybersecurity firm Resecurity published report on drug trafficking marketplaces currently operating in the Dark Web Resecurity, a Los Angeles-based cybersecurity and risk management provider has released an eye-opening report on drug trafficking marketplaces currently operating in the Dark Web. The report highlights a rapidly growing shadow economy, and new communication methods such as proprietary Android-based […]

Pierluigi Paganini December 08, 2022
Zombinder APK binding service used in multiple malware attacks

Zombinder is a third-party service on darknet used to embed malicious payloads in legitimate Android applications. While investigating a new malware campaign targeting Android and Windows systems, researchers at Threat Fabric discovered a darknet service, dubbed Zombinder, used to embed malicious payloads in legitimate Android apps. The campaign involved the Ermac Android banking Trojan along […]

Pierluigi Paganini December 05, 2022
Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. “In the Box” dark web marketplace is leveraged by cybercriminals to attack over 300 financial institutions (FIs), payment systems, social media and online-retailers in 43 countries Resecurity, the California-based cybersecurity company protecting major Fortune 500 companies, has identified a new underground marketplace in […]

Pierluigi Paganini November 29, 2022
Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access

Cyble observed Initial Access Brokers (IABs) offering access to enterprise networks compromised via a critical flaw in Fortinet products. Researchers at Cyble have observed initial access brokers (IABs) selling access to enterprise networks likely compromised via a recently patched critical flaw, tracked as CVE-2022-40684, in Fortinet products. In early October, Fortinet addressed the critical authentication bypass flaw, […]