Lumma Stealer is a widely available malware-as-a-service that has evolved since 2022 and is sold on Dark Web forums and Telegram. It targets Windows hosts (7–11), exfiltrates data, can drop additional payloads, and uses a Telegram bot for C2, with distribution…
Tag: DARK WEB
Summary: This article discusses a cyber attack on Blackbaud that affected 13,000 clients and 1.5 billion of their constituents. Threat Actor: Unknown | Unknown Victim: Blackbaud | Blackbaud Key Point: A cyber attack on Blackbaud in 2020 resulted in the compromise of data for 1.5 billion individuals…
In a hacker forum monitored by SOCRadar, an unauthorized VPN access sale is detected that allegedly belongs to an industry enterprise that operates in Indonesia. Price 6000 Contacts Tox: *** Country: Indonesia Revenue: $3.7 Billions Industry: light industry enterprise Access type: VPN user AV: – Hosts: 1…
Dispossessor has emerged in the ransomware landscape and mirrors the structure of LockBit after global law enforcement seized its domains. It functions as a data broker under an RaaS-like model, leaking data from other groups and operating via a sprawling affi…
Summary: The content topic is about a criminal website called BreachForums being seized by the FBI. Threat Actor: FBI | FBI Victim: BreachForums | BreachForums Key Point: The FBI has seized the criminal website BreachForums, which is known for facilitating cybercrime and fraud. Cybercrime, Fraud M…
In a hacker forum monitored by SOCRadar, a new alleged database leak is detected for Klinik Basmallah (Indonesia). Free dumps klinik-basmallah.com-7z-181.7 mb Date: 05/12/24 File: **** Additional channel: *** **** Nature of Dark Web News: The news pertains to an alleged data leak from Klinik Basmall…
Summary: AFL players are calling for improved data collection and storage practices in response to the leaking of personal information following a data breach. Threat Actor: Hackers | hackers Victim: AFL Players | AFL players Key Point: AFL players are concerned about the leaking of sensitive perso…
In a hacker forum monitored by SOCRadar, a new alleged database leak is detected for Hak Asasi Manusia. “1****************** PRESIDEN RE******************TENTANG AKSI ******************NULL,NULL,NULL,”1″******************”24″,”INPRES”,NULL,NUL******************”,,NULL,”1″,,******************”,”2020-…
Summary: This post examines the activities of Dmitry Yuryevich Khoroshev, the alleged leader of the LockBit ransomware group, who has been charged by the United States, United Kingdom, and Australia for his involvement in cybercrimes. Threat Actor: Dmitry Yuryevich Khoroshev | Dmitry Yuryevich Khoro…
LockBit is making a comeback after Operation Cronos, reactivating mirror servers, a fresh batch of victims, and new leakage methods such as onion-hosted pages and torrents. The piece traces the second reign of LockBit, detailing victimization, infrastructure, …
Trustwave SpiderLabs’ 2024 Public Sector Threat Landscape briefing outlines the distinct cybersecurity challenges that public-sector entities face, including legacy systems, fragmented IT, and large stores of personal data. It warns that attacks on public sect…
In a hacker forum monitored by SOCRadar, a new alleged database leak is detected for Indonesian hotel guests. Leak Date: 12/05/2024 Lines: 4.7kk EXAMPLE INSERT INTO `ghest_member` (`id`, `guest_id`, `reg_date`, `title`, `firstname`, `lastname`, `cidate`, `codate`, `roomno`, `completeaddress`, `city`…
According to a recent announcement, a group of hackers has taken action to sell “inc ransom” encryption ransomware source code. This sale includes the AES-CTR-128, Curve25519-Donna encryption algorithms and panel source code. This ransomware operates on both Windows and Linux operating systems using the IOCP infrastructure. Additionally, there are specially compiled versions…
Fortinet FortiGuard Labs analyzes zEus stealer distributed via a crafted Minecraft source pack, detailing its infection vector and anti-analysis checks. It then collects a wide range of user data, uses Discord webhooks and other channels to exfiltrate results,…
Summary: The content discusses how cybercriminals are targeting the increasing number of vulnerabilities resulting from the growth in connected devices and new applications, leading to a rise in attacks. Threat Actor: Cybercriminals | cybercriminals Victim: Various organizations and individuals | cy…