Dark Web

Pierluigi Paganini February 01, 2023
Nevada Ransomware Has Released Upgraded Locker

Researchers from Resecurity have identified a new version of Nevada Ransomware which recently emerged on the Dark Web right before the start of 2023. Resecurity, California-based cybersecurity company protecting Fortune 500 globally, has identified a new version of Nevada Ransomware which recently emerged on the Dark Web right before the start of 2023. The actors […]

Pierluigi Paganini January 09, 2023
Resecurity Released a Status Report on Drug Trafficking in the Dark Web (2022-2023)

Cybersecurity firm Resecurity published report on drug trafficking marketplaces currently operating in the Dark Web Resecurity, a Los Angeles-based cybersecurity and risk management provider has released an eye-opening report on drug trafficking marketplaces currently operating in the Dark Web. The report highlights a rapidly growing shadow economy, and new communication methods such as proprietary Android-based […]

Pierluigi Paganini December 08, 2022
Zombinder APK binding service used in multiple malware attacks

Zombinder is a third-party service on darknet used to embed malicious payloads in legitimate Android applications. While investigating a new malware campaign targeting Android and Windows systems, researchers at Threat Fabric discovered a darknet service, dubbed Zombinder, used to embed malicious payloads in legitimate Android apps. The campaign involved the Ermac Android banking Trojan along […]

Pierluigi Paganini December 05, 2022
Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. “In the Box” dark web marketplace is leveraged by cybercriminals to attack over 300 financial institutions (FIs), payment systems, social media and online-retailers in 43 countries Resecurity, the California-based cybersecurity company protecting major Fortune 500 companies, has identified a new underground marketplace in […]

Pierluigi Paganini November 29, 2022
Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access

Cyble observed Initial Access Brokers (IABs) offering access to enterprise networks compromised via a critical flaw in Fortinet products. Researchers at Cyble have observed initial access brokers (IABs) selling access to enterprise networks likely compromised via a recently patched critical flaw, tracked as CVE-2022-40684, in Fortinet products. In early October, Fortinet addressed the critical authentication bypass flaw, […]

Pierluigi Paganini November 22, 2022
Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire. It is a multi-purpose botnet with data stealing […]

Pierluigi Paganini October 30, 2022
German BKA arrested the alleged operator of Deutschland im Deep Web darknet market

German police arrested a student that is suspected of being the administrator of ‘Deutschland im Deep Web’ (DiDW) darknet marketplace. Germany’s Federal Criminal Police Office (BKA) has arrested a student (22) in Bavaria, who is suspected of being the administrator of ‘Deutschland im Deep Web’ (DiDW) darknet marketplace. The darknet marketplace has gone off early […]

Pierluigi Paganini October 27, 2022
British hacker arraigned for running The Real Deal dark web marketplace

A popular British hacker was charged by the U.S. authorities for allegedly running the ‘The Real Deal’ dark web marketplace. The British hacker Daniel Kaye (aka Bestbuy, Spdrman, Popopret, UserL0ser) (34) was charged by the U.S. DoJ for allegedly running the ‘The Real Deal’ dark web marketplace. The man was charged with access device fraud […]

Pierluigi Paganini September 24, 2022
Ukraine: SSU dismantled cyber gang that stole 30 million accounts

The cyber department of Ukraine ‘s Security Service (SSU) dismantled a gang that stole accounts of about 30 million individuals. The cyber department of Ukraine ‘s Security Service (SSU) has taken down a group of hackers that is behind the theft of about 30 million individuals. The gang was offering the stole accounts for sale […]

Pierluigi Paganini September 05, 2022
EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Original post: https://resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns targeting users worldwide. Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in the Dark […]