Deep and Dark Web Round Up
Highlights
Middle East Conflict
Recent activities include increased maritime attacks, assassinations, and ICS/SCADA targeting:
Malware/Ransomware
China claims to have cracked Apple’s AirDrop tech, uses this to continue control over its dissident population
China claims to have decrypted device logs for AirDrop, the Apple technology that allows for proximity sharing of pictures, files, etc. China’s constant effort to control its population means it has blocked many popular messaging apps and used its internet controls to block many popular websites within China. Many Chinese citizens moved to AirDrop as it doesn’t need cell service. This use included the 2019 protests, where Chinese citizens used AirDrop to share protest information and anti-Chinese government material. The Chinese government claims it can see the phone numbers, emails, and other metadata from devices that took part in this activity.
Hack-back scams target victims of Royal and Akira ransomware gangs
An actor claiming to be a security researcher has recently contacted several victims of ransomware gangs and offered revenge services against members of Royal and Akira ransomware. The individual offered victims the chance to delete the stolen data located on the servers of Akira and Royal for the cost of five Bitcoin. The handles used by the actor are “Ethical Side Group” and “xanonymoux”.
Threat Actor Activity
Year-end documents used by threat actors to steal corporate information
Fake retirement savings plan documents for 401(k)s, end-of-year surveys, and tax document lures are some of the latest trends among threat actors targeting people to procure sensitive credentials for corporate-environment access. Malicious actors are posing as company HR reps to try to elicit information relating to retirement plans. Actors have combined the use of QR codes in these operations; the codes are embedded in emails and take innocent people to false login pages where their credentials are stolen.
Notable Leaks and Breaches
Suggested Further Reading
About DarkOwl
DarkOwl uses machine learning to automatically, continuously, and anonymously collect, index, and rank darknet, deep web, and high-risk surface net data, which allows for simplicity in searching.
Our platform collects and stores data in near real-time, allowing darknet sites that frequently change location and availability to be queried in a safe and secure manner without having to access the darknet itself.
DarkOwl is unique not only in the depth and breadth of its darknet data, but also in the relevance and searchability of its data, its investigation tools, and its passionate customer service. As importantly, DarkOwl data is ethically and safely collected from the darknet, allowing users secure and anonymous access to information and threats relevant to their mission. Our passion, our focus, and our expertise is the darknet.
For more information, visit www.darkowl.com.