Security News
Indian payment app maker MobiKwik has denied its security has been breached, saying that if it's true, as has been claimed, that its customers' information has appeared on the dark web, then some other platform was totally responsible for that. "Some users have reported that their data is visible on the dark web," reads a message from the company, dated March 30.
Ever since the first dark web monitoring services became available, around 2005, consumers of such services often asked - why aren't these websites being taken down? After all, the sites that comprise the dark web are platforms and tools for illegal activities. There is a case to be made for adopting the other strategy - disrupt the dark web as much as possible - and it seems that unlike the early days of dark web monitoring, it is not one that is discussed at all.
A report released Tuesday by threat intelligence firm Check Point Research explains how phony COVID-19 vaccine documents are selling on the Dark Web and how to avoid these fake documents. For individuals who don't have such a certificate or can't wait for a vaccine, the Dark Web is becoming home to fake documents, according to Check Point's analysis.
Despite an explosion in the sheer amount of stolen data available on the Dark Web, the value of personal information is holding steady, according to the 2021 Dark Web price index from Privacy Affairs. "The parallels between Dark Web markets and standard consumer markets continue to grow," Hoffman said.
Brave has fixed a privacy issue in its browser that sent queries for. Onion domains to public internet DNS resolvers rather than routing them through Tor nodes, thus exposing users' visits to dark web websites.
The Dark Web allows cybercriminals to create a Cyber Attacks-as-a-Service ecosystem that outmaneuvers security defenses. Cybersecurity researchers Keman Huang, Michael Siegel, Keri Pearlson and Stuart Madnick in their paper Casting the Dark Web in a New Light, published in the MIT Sloan Management Review, asked whether attackers-who more often than not are one or two steps ahead of cyberdefenders-are more technically adept, or is it something else? The paper was written in 2019, but the material is as relevant now as it was then, and maybe even more so.
The Clop ransomware group has reportedly started posting data on the Dark Web apparently stolen from law firm Jones Day, which represents many of the globe's most powerful people, including former president Donald Trump in his efforts to overturn the 2020 election. The site DataBreached.net was first to report on the incident and published screenshots of stolen Jones Day files that the Clop group posted on the Dark Web as proof it has the goods.
Positive Technologies' experts have analyzed the ten most active forums on the dark web, which offer services for hacking websites, buying and selling databases, and accessing web resources. The research discovered that in 90% of cases, users of dark web forums will search for hackers who can provide them with access to a particular resource or who can download a user database.
A Comparitech report found that Japan and the UAE have the most expensive identities available on illicit marketplaces at an average price of $25. Personal information from US citizens found on the Dark Web-ranging from Social Security numbers, stolen credit card numbers, hacked PayPal accounts, and more-is worth just $8 on average, according to a new report from tech research firm Comparitech. "After a data breach or successful phishing campaign, much of the stolen personal information is sold on black markets. Many such marketplaces reside on the dark web. The median credit limit on a stolen credit card is 24 times the price of the card. The median account balance of a hacked PayPal account is 32 times the price on the dark web," Comparitech's Paul Bischoff wrote.
U.S. and Bulgarian authorities this week took control of the dark web site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. Separately, the Bulgarian National Investigation Service and General Directorate Combating Organized Crime seized a dark web hidden resource used by NetWalker ransomware affiliates - i.e., cybercrime groups responsible for identifying and attacking high-value victims using the ransomware - to provide payment instructions and communicate with victims.