Tag selected: Dark web

Insights about All World Cards and the published 1M credit cards
Table of Contents Introduction Marketing campaign: 1 million credit cards published Analysis of the published credit cards Where were these cards stolen? When were these cards stolen? Geographical distribution of the victims Underground reactions Threat Actors behind All World Cards Conclusions   Introduction “All World Cards” is a new...
Use of Initial Access Brokers by Ransomware Groups
Initial Access Brokers (IABs) are financially motivated threat actors that profit through the sale of remote access to corporate networks in underground forums, like Exploit, XSS, or Raidforums. The type of accesses offered are mostly Remote Desktop Protocol (RDP), Virtual Private Network (VPN), web shells, and remote access software tools...
State of Underground Card Shops in 2021
(life after Joker’s Stash)   Table of Contents Introduction Active credit card shops FERum Shop Brian’s Club Thefreshstuffs Missing Credit Card Shops ValidCC VaultMarket Rescator Conclusions   Introduction    On February 15, 2021, after nearly 6.5 years in business, the prolific card shop Joker’s Stash closed its doors. Those behind...
RDPalooza: RDPs in the World of Cybercrime
  Key Points  Remote Desktop Protocol (RDP) is a built-in part of the Windows toolkit popular for facilitating remote work. Cybercriminals take interest in compromising RDP endpoints as they provide direct access into a victim environment via a graphic interface.   Internet-facing RDP endpoints – colloquially known among cybercriminals...
M00nD3v, HawkEye threat actor, sells malware after COVID-19 diagnosis
Key Points The information-stealing malware dubbed M00nD3v Logger was recently auctioned off on Hack Forums,  together with HakwEye Reborn.   The threat actor – operating under the alias “M00nD3v” – states that they sold the malware in response to being diagnosed with COVID-19.  M00nD3v was previously involved in sales...
Shining a light on the darknet
A common visualization for the Internet is an iceberg. The indexed ‘surface’ web is less than 10% of what is visible, but 90% is non-indexed and known as the deep web. A small subset of the deep web includes hidden information and services: the dark web, or darknet. It’s...
Sweet Dream(s): An examination of instability in the darknet markets
These past few weeks in cyber underground news have seen the surprising hat trick of the passage of the self-imposed deadline for the closure of the notorious Dream Market, the law enforcement seizure of Valhalla Market, and the law enforcement takedown and arrests of admins associated with the Wall Street Market.  Many of the trends observed following...
Demo Free Trial MSSP
Program