Security News
As you can imagine, it operated on the so-called dark web, and you'd have needed the Tor browser to access it, using a special web address ending in. As it happens, the epithet dark in the word dark web isn't a metaphorical reference implying that everything on the dark web is evil and dystopian.
Europol cops have taken down dark-web souk DarkMarket, after arresting an Australian citizen living in Germany who they claim was operating the world's biggest online bazaar of its kind. DarkMarket had nearly 500,000 users and more than 2,400 sellers, an official announcement from Europol on Tuesday said, calling it the "World's largest largest illegal marketplace on the dark web."
Europol on Tuesday said it shut down DarkMarket, the world's largest online marketplace for illicit goods, as part of an international operation involving Germany, Australia, Denmark, Moldova, Ukraine, the U.K.'s National Crime Agency, and the U.S. Federal Bureau of Investigation. The illegal internet market specialized in the sales of drugs, counterfeit money, stolen or forged credit card information, anonymous SIM cards, and off-the-shelf malware.
"As a result of COVID-19 and associated global trends, demand for malicious and illicit goods, services and data have reached new peak highs across dark web marketplaces," said researchers in a Friday analysis. Upon a deep-dive investigation into the underground marketplace, researchers found that the pricing for stolen payment cards has soared in 2020; jumping from $14.64 in 2019 to $20.16 in 2020.
Hackers have set up an auction site on the dark web to sell 250,000 databases stolen from tens of thousands of breached MySQL servers. Back in May, BleepingComputer reported about an attacker that was stealing SQL databases from online shops and threatening victims that their data would become public if they did not pay 0.06 BTC. Although the hacker's website on the clear web listed only 31 databases, the number of abuse reports for the wallet left in the ransom note was above 200, indicating a much larger operation.
Once your personal data is up for sale, buyers can use it for financial gain or for doxing, a practice where malicious actors publicly reveal private information about you for all to see. In a blog post published Tuesday, security provider Kaspersky looks at the sale of personal data on the Dark Web and offers advice on how to protect your own data.
Animal Jam, just the latest in a string of attacks on gaming apps, has adopted a transparent communications strategy after stolen data turned up on a criminal forum. The company behind the wildly popular kids' game Animal Jam has announced that hackers stole a menagerie of account records during a breach of a third-party vendor's server in October - more than 46 million of them, in fact.
The Dark Web/Darknet continues to be an environment for bad actors to share stolen credentials and discuss successful attacks. Just as there's a lot of bad on the Dark Web, there is also good - mostly in the form of intel that can be used to help protect organizations from attacks.
In closed forums on the dark web, criminals are trading vast databases of consumer information gathered via data breaches and phishing attacks, but also through readily-available government databases. Already a marketplace for drugs, weapons, stolen bank details and leaked website databases, the dark web has now become a thriving underground community where individuals discuss and trade techniques for capitalizing on COVID-19.
While there has been a year-over-year decrease in publicly disclosed data breaches, an Arctic Wolf report reveals that the number of corporate credentials with plaintext passwords on the dark web has increased by 429 percent since March. For a typical organization, this means there are now, on average, 17 sets of corporate credentials available on the dark web that could be used by hackers.