Deep and Dark Web Round Up
Weekly Highlights
- Two men indicted in US for running dark marketplace WWH Club.
- US DOJ Indicts Russian Hackers Behind WhisperGate Campaign
- Singapore police arrest six for alleged involvement in Cybercrime syndicate
- Chinese State-Linked Influence Operation Spamouflage Masquerades as U.S. Voters
- NoName ransomware gang deploying RansomHub malware in recent attacks
Malware/Ransomware
The ransomware group known as NoName has been seeking to boost its reputation and reach, and is reported to have become a RansomHub affiliate. The affiliation is inferred from the malware used against a recent ransom victim, which was linked to RansomHub, in an attack known to have been conducted by NoName. The malware code used by NoName has not yet been publicly released. The group has previously been known to imitate LockBit 3.0 and mimic its dark web leak page.
Threat Actor Activity
Two men were indicted in the US for their alleged involvement in managing the dark web marketplace WWH Club. The individuals are a Kazakhstan national and a Russian national, although based in Miami, USA. WWH Club specializes in the sale of PII and financial information. The FBI was able to identify that the site's domain, which was a surface web domain, was hosted by DigitalOcean and was therefore able to issue a warrant to that organization.
WWH Club is estimated to have had 353,000 users worldwide as of March 2023, up from 170,000 registered users in July 2020.
The site is still active despite the law enforcement action; its current administrators are reportedly trying to distance themselves from the two indicted individuals.
The DOJ announced the indictment of five Russian GRU officers and one civilian for conspiring to hack the Ukrainian government. The GRU officers are part of Unit 29155 of the Russian Main Intelligence Directorate, a military intelligence agency of the General Staff of the Armed Forces. They are accused of conspiracy to hack into, exfiltrate data from, leak information from and destroy computer systems associated with the Ukrainian government in advance of the Russian invasion of Ukraine. “The GRU’s WhisperGate campaign, including targeting Ukrainian critical infrastructure and government systems of no military value, is emblematic of Russia’s abhorrent disregard for innocent civilians as it wages its unjust invasion,” said Assistant Attorney General Matthew G. Olsen of the National Security Division.
The Singapore Police Force (SPF) has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country. Initial reports do not state the specific activities that the individuals were involved in, but indicate that police seized laptops and other electronic devices which held details of web servers known to be used by criminal hackers, hacking servers and malware. Large amounts of cash and cryptocurrency were also seized.
Chinese state-linked actors are reportedly running an influence operation, known as Operation Spamouflage, in which they claim to be US soldiers or American voters and comment on controversial topics on social media. Topics have included reproductive rights, America’s policy towards Israel and support for Ukraine, as well as criticism of both candidates. They are reported to have used AI to create some of this content.
Notable Leaks and Breaches
Suggested Further Reading
- Payment gateway data breach affects 1.7 million credit card owners
- Critical SonicWall SSLVPN bug exploited in ransomware attacks
- Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances
- Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware
- RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software
- Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments
- Highline Public Schools closes schools following cyberattack
- Sextortion scam now use your "cheating" spouse’s name as a lure
- North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
- Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack
About DarkOwl
DarkOwl uses machine learning to automatically, continuously, and anonymously collect, index and rank darknet, deep web, and high-risk surface net data, allowing for simplicity in searching.
Our platform collects and stores data in near real-time, allowing darknet sites that frequently change location and availability to be queried in a safe and secure manner without having to access the darknet itself.
DarkOwl is unique not only in the depth and breadth of its darknet data, but also in the relevance and searchability of its data, its investigation tools, and its passionate customer service. As importantly, DarkOwl data is ethically and safely collected from the darknet, allowing users secure and anonymous access to information and threats relevant to their mission. Our passion, our focus, and our expertise is the darknet.
For more information, visit www.darkowl.com.