Security News

The U.S. Department of Justice announced the end of a transnational investigation into the dark web xDedic cybercrime marketplace, charging 19 suspects for their involvement in running and using the market's services. Law enforcement estimated at the time of its takedown that fraudulent activities facilitated through the xDedic cybercrime market totaled more than $68 million.

The Federal Criminal Police Office in Germany and the internet-crime combating unit of Frankfurt have announced the seizure of Kingdom Market, a dark web marketplace for drugs, cybercrime tools, and fake government IDs. The law enforcement operation also included authorities from the United States, Switzerland, Moldova, and Ukraine, while one of the administrators has been arrested in the US. Kingdom Market was an English-speaking marketplace on the dark web with international reach that has operated since March 2021.

If you're a Google Workspace administrator or user selecting an application from the Google Workspace Marketplace, your first task is to make sure an application does the job you want completed as easily as possible. Google offers an Independent Security Verification badge for applications in the Google Workspace Marketplace.

Attempting to enter Hungary at the time, Chychasov was arrested in March 2022 for running the SSNDOB Marketplace, which stands for "Social security number, date of birth" and operated over various domains including blackjob. The SSNDOB Marketplace dates back more than a decade and was operating as early as 2013, then on the domain ssndob.

Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022. "The site operated as a hidden...

Over 100,000 compromised OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and May 2023, with India alone accounting for 12,632 stolen credentials. The credentials were discovered within information stealer logs made available for sale on the cybercrime underground, Group-IB said in a report shared with The Hacker News.

Infostealer malware, which consist of code that infects devices without the user's knowledge and steals data, remains widely available to buy through underground forums and marketplaces, with the volume of logs, or collections of stolen data, available for sale increasing at alarming rates, according to Secureworks. "Infostealers are a natural choice for cybercriminals who are looking to rapidly gain access to businesses and then monetize that access," said Don Smith, VP threat research, Secureworks CTU. "They are readily available for purchase, and within as little as 60 seconds of installation on an infected computer will immediately generate a return on investment in the form of stolen credentials and other sensitive information. However, what has really changed the game, as far as infostealers are concerned, is improvements in the various ways that criminals use to trick users into installing them. That, coupled with the development of dedicated marketplaces for the sale and purchase of this stolen data, has really upped the ante," added Smith.

A new attack vector targeting the Visual Studio Code extensions marketplace could be leveraged to upload rogue extensions masquerading as their legitimate counterparts with the goal of mounting supply chain attacks. VS Code extensions, curated via a marketplace made available by Microsoft, allow developers to add programming languages, debuggers, and tools to the VS Code source-code editor to augment their workflows.

Researchers have found it surprisingly easy to upload malicious Visual Studio Code extensions to the VSCode Marketplace, and discovered signs of threat actors already exploiting this weakness. According to a new report by AquaSec, researchers have found its fairly easy to upload malicious extensions to Microsoft's Visual Studio Code Marketplace, and have already found a few existing extensions that are very suspicious.

Cybersecurity researchers have shed light on a darknet marketplace called InTheBox that's designed to specifically cater to mobile malware operators. "The automation allows other bad actors to create orders to receive the most up to date web injects for further implementation into mobile malware," Resecurity said.