by Paul Ducklin Here on Naked Security, we’ve regularly asked the question, or at least implied it: “Where do you think all those cybercrime payments go?” When a ransomware victim hands over a largely anonymous, mostly untraceable quantity of Bitcoin, for example, to pay off a multi-million dollar blackmail demand . . . Read more
by Paul Ducklin We look at the big-money hacks from the 2021 Pwn2Own competition. We investigate the difficulties of hiring an assassin via the dark web. We wrestle with some of the privacy issues relating to COVID-19 infection tracking apps. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Intro and . . . Read more
by Paul Ducklin In a brief yet fascinating press release, Europol just announced the arrest of an Italian man who is accused of “hiring a hitman on the dark web”. According to Europol: The hitman, hired through an internet assassination website hosted on the Tor network, was paid about €10,000 . . . Read more
by Paul Ducklin You probably don’t need to be told what sort of products were on offer at an online retail site called DarkMarket. As you can imagine, it operated on the so-called dark web, and you’d have needed the Tor browser to access it, using a special web address . . . Read more
Underground marketplace pricing on RDP server access, compromised payment card data and DDoS-For-Hire services are surging.
The group published files stolen from the Brazilian aircraft manufacturer in a ransomware attack last month. Hackers have dumped sensitive company data that was stolen during a ransomware attack last month on aircraft manufacturer Embraer. The compromised data appeared on a new dark web site created to publish leaked information, . . . Read more
A report on the underground economy finds that malicious actors are offering cloud-based troves of stolen data, accessible with handy tools to slice and dice what’s on offer. Cybercriminals are embracing cloud-based services and technologies in order to accelerate their attacks on organizations and better monetize their wares, researchers have . . . Read more
Animal Jam, just the latest in a string of attacks on gaming apps, has adopted a transparent communications strategy after stolen data turned up on a criminal forum.
Hacker forums are a rich source of threat intelligence. The Dark Web/Darknet continues to be an environment for bad actors to share stolen credentials and discuss successful attacks. In fact, in recent weeks, personal information from places ranging from education organizations to voter databases in the U.S. have been found . . . Read more
A diverse set of companies, including an adaptive-learning platform in Brazil, an online grocery service in Singapore and a cold-brew coffee-maker company, are caught up in the large data trove. A whopping 34 million user records have materialized on an underground sales forum, which cybercriminals claim are gleaned from 17 . . . Read more