Cybercriminal activity is surging on hacker forums. Significant threats identified include breaches involving Al Hilal SFC and Free Mobile, a potential data leak from Investing.com, the rise of Seraph Stealer malware, and sales of stolen Japanese credit cards. Leaks from the Black Basta ransomware group have also come to light, revealing internal conflicts.
Affected: Al Hilal SFC, Free Mobile, Investing.com, Japanese financial sector, Black Basta ransomware group
Key points:
- Alleged data breach of Al Hilal SFC reveals sensitive financial information.
- A hacker claims to be selling a compromised Free Mobile database containing 19.2 million user records.
- 300 Japanese credit cards are being auctioned on hacker forums.
- Seraph Stealer malware, offered for sale, is capable of exfiltrating diverse sensitive data.
- Leaked internal chat logs from Black Basta expose conflicts and defections within the group.
- A dataset from Investing.com, allegedly obtained through an IDOR vulnerability, is being sold.
MITRE Techniques:
- Exploitation of Vulnerability (T1190) – The threat actor exploited an Insecure Direct Object Reference (IDOR) vulnerability on Investing.com to access user information.
- Data Encrypted for Impact (T1486) – The Black Basta ransomware group uses tactics that include encrypting data or leaking it to create impact.
- Credential Dumping (T1003) – Seraph Stealer malware is designed to extract login credentials and passwords from compromised systems.
- Account Manipulation (T1098) – Compromised customer accounts, including personal information and user IDs, are offered for sale, as seen in the Free Mobile and Japanese credit card incidents.
Indicators of Compromise:
- [Domain] investing.com
- [Domain] free-mobile.fr
- [Domain] alhilalsc.com
Full Story: https://socradar.io/seraph-stealer-malware-hits-the-market-black-bastas-internal-chaos-new-data-leak-claims/