Tag: dark-web
-
New Gunra Ransomware Targets Windows Systems, Encrypts Files, and Erases Shadow Copies
AhnLab’s Threat Intelligence Platform (TIP) has been instrumental in monitoring ransomware activities across dark web forums and marketplaces. Through its Live View > Dark Web Watch feature, security teams can track active groups, their collaborations, and emerging attack vectors, allowing organizations to preemptively bolster defenses. During the first half of 2025, a surge in new…
-
BlackSuit Ransomware Group’s Dark Web Sites Seized in Operation Checkmate
The US and partners from nine countries have taken down part of the ransomware group’s infrastructure First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/blacksuit-ransomware-sites-seized/
-
BlackSuit ransomware gang’s darknet websites seized by police
The BlackSuit gang, which is believed to have been operational since April/May 2023, was a private ransomware group that did not license its tooling to other criminals like ransomware-as-a-service (RaaS) schemes. First seen on therecord.media Jump to article: therecord.media/blacksuit-ransomware-gang-website-takedown
-
BlackSuit ransomware gang’s darknet websites seized by police
The BlackSuit gang, which is believed to have been operational since April/May 2023, was a private ransomware group that did not license its tooling to other criminals like ransomware-as-a-service (RaaS) schemes. First seen on therecord.media Jump to article: therecord.media/blacksuit-ransomware-gang-website-takedown
-
LUP-Kliniken: Patientendaten nach Cyberangriff im Darknet entdeckt
Bei dem Cyberangriff auf die LUP-Kliniken sind auch Patientendaten abgeflossen.Im Februar 2025 wurden die LUP-Kliniken in Hagenow und Ludwigslust Ziel einer Cyberattacke. Die forensische Ermittlungen haben nun ergeben, dass personenbezogene Daten abgeflossen und im Darknet veröffentlicht worden sind. Das geht aus der Juli-Ausgabe des Landkreisboten des Landkreises Ludwigslust-Parchim hervor. Demnach handelt es sich zwar “nicht…
-
BlackSuit ransomware extortion sites seized in Operation Checkmate
Law enforcement has seized the dark web extortion sites of the BlackSuit ransomware operation, which has targeted and breached the networks of hundreds of organizations worldwide over the past several years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/law-enforcement-seizes-blacksuit-ransomware-leak-sites/
-
BlackSuit ransomware leak sites seized in Operation Checkmate
Law enforcement has seized the dark web leak sites of the BlackSuit ransomware operation, which has targeted and breached the networks of hundreds of organizations worldwide over the past several years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/law-enforcement-seizes-blacksuit-ransomware-leak-sites/
-
Key Operator of World’s Largest XSS Dark Web Platform Detained
International law enforcement agencies have dismantled one of the world’s most influential Russian-speaking cybercrime platforms following the arrest of its suspected administrator in a coordinated operation spanning France, Ukraine, and broader European cooperation. The takedown of xss.is represents a significant blow to global cybercriminal networks that have operated with relative impunity on the dark web…
-
Dark Web Hackers Moonlight as Travel Agents
Hackers are using stolen goods such as credit cards and loyalty points to book travel for sometimes unsuspecting clients, and remote workers, SMBs, travel brands, and others are at risk. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/dark-web-hackers-moonlight-travel-agents
-
UK proposal would forbid ransom payments by gov’t agencies, but will it meaningfully decrease ransomware attacks?
Tags: attack, backup, business, ceo, dark-web, data, finance, government, group, hacker, intelligence, law, ransom, ransomware, threatBusinesses often want to pay ransom: Fred Chagnon, principal research director at Info-Tech Research Group noted that, from a business continuity perspective, it can make sense to pay the ransom.”Paying the ransom can sometimes be the quickest and least damaging path to restoring operations, especially if backups are compromised or recovery is prohibitively slow. While…
-
Suspected admin of major dark web cybercrime forum arrested in Ukraine
French law enforcement said the alleged administrator of the long-running cybercrime forum XSS, formerly known as DaMaGeLab, was arrested in Ukraine. First seen on therecord.media Jump to article: therecord.media/suspected-xss-cybercrime-marketplace-admin-arrested
-
XSS.IS Cybercrime Forum Seized After Admin Arrested in Ukraine
XSS.IS has been seized after its admin was arrested in Ukraine, however its dark web and mirror domains only show a 504 Gateway Timeout error. First seen on hackread.com Jump to article: hackread.com/xss-is-cybercrime-forum-seized-ukraine-arrested-admin/
-
Dark Web Travel Agencies Exploit Cheap Deals to Steal Credit Card Data
Dark web travel agencies have developed into highly skilled organizations operating in the murky corners of cybercrime, using hacked credit card information, compromised loyalty accounts, and faked identities to provide drastically reduced travel services. According to recent analysis by SpiderLabs, these operations exploit popular booking aggregators rather than targeting specific hotel chains or airlines, adapting…
-
Warum Operation Eastwood noch nicht das Ende von NoName057(16) bedeutet
Die jüngsten internationalen Maßnahmen, angeführt von Europol und in Zusammenarbeit mit zahlreichen europäischen Strafverfolgungsbehörden gegen die Gruppe NoName057(16), haben deren Operationen gestört. Allerdings ist es unwahrscheinlich, dass dies auch das Ende ihrer Aktivitäten bedeutet. Diese mit Russland verbundene Hacktivisten-Gruppe ist weiterhin über verschlüsselte Kanäle wie Telegram und Discord sowie diverse Darknet-Foren aktiv. Obwohl ihre DDoS-Fähigkeiten…
-
Clément Domingo: “We are not using AI correctly to defend ourselves”
Tags: access, ai, attack, control, credentials, cyber, cyberattack, cybercrime, cybersecurity, dark-web, finance, government, group, hacker, infrastructure, intelligence, Internet, jobs, law, malicious, malware, office, password, programming, ransom, startup, threat, tool, trainingstartup, but dedicated to cybercrime in a very efficient way,” Domingo tells via email. “Most have what we call affiliates, which allows them to operate worldwide and attack any organization or entity. In most cases, the startup keeps 20% of the ransom and the accomplice takes 80%.”These are companies that, as he details, offer all…
-
UK NCA officer jailed for stealing bitcoin from darknet criminal he previously helped investigate
A former National Crime Agency investigator who worked on the Silk Road case was sentenced to more than five years in prison for stealing 50 bitcoins seized in that operation. First seen on therecord.media Jump to article: therecord.media/former-uk-nca-officer-jailed-stealing-bitcoin-from-criminal
-
Datenleck bei Louis Vuitton Malletier (2. Juli 2025)
Louis Vuitton Malletier informiert derzeit seine Kunden über einen Datenschutzvorfall, bei dem persönliche Daten abgezogen wurden, die nun im Darknet auftauchen. Ein Leser informierte mich, dass dies nun das dritte Mal in drei Monaten sei, dass es einen Datenschutzvorfall gegeben … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/17/datenleck-bei-louis-vuitton-malletier/
-
Abacus Dark Web Market Suspected of Exit Scam with Held Bitcoin Funds
The largest Bitcoin-enabled Western darknet marketplace, Abacus Market, has gone offline amid widespread suspicions of an exit scam that may have cost users millions of dollars in held cryptocurrency funds. TRM Labs, a blockchain analytics firm, assesses that the marketplace’s operators likely shut down operations and disappeared with users’ Bitcoin and Monero deposits in early…
-
Abacus dark web drug market goes offline in suspected exit scam
Abacus Market, the largest Western darknet marketplace supporting Bitcoin payments, has shut down its public infrastructure in a move suspected to be an exit scam. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/abacus-dark-web-drug-market-goes-offline-in-suspected-exit-scam/
-
Abacus Market Shutters After Exit Scam, Say Experts
Darknet giant Abacus Market has gone offline due to a likely exit scam, according to TRM Labs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/abacus-market-shutters-exit-scam/
-
How defenders use the dark web
Tags: access, antivirus, attack, breach, corporate, credit-card, crypto, cyber, cybercrime, dark-web, data, data-breach, email, extortion, finance, fraud, government, group, hacker, healthcare, identity, incident, insurance, intelligence, Internet, interpol, law, leak, lockbit, mail, malware, monitoring, network, phishing, ransom, ransomware, service, software, theft, threat, tool, usa, vpnAttributing attacks to threat actors: When organizations suffer from data breaches and cyber incidents, the dark web becomes a crucial tool for defenders, including the impacted businesses, their legal teams, and negotiators.Threat actors such as ransomware groups often attack organizations to encrypt and steal their data so they can extort them for money, in exchange…
-
WinRAR 0″‘Day Exploit Listed for $80K on Dark Web Forum
A sophisticated zero-day exploit targeting WinRAR, one of the world’s most popular file compression utilities, has surfaced on a dark web marketplace with a hefty price tag of $80,000. The previously unknown remote code execution (RCE) vulnerability affects both the latest and earlier versions of the widely-used software, raising significant concerns for millions of users…
-
Customer, Employee Data Exposed in Nippon Steel Breach
Information from the company’s NS Solutions subsidiary has yet to show up on any Dark Web sites, but it doesn’t rule out the possibility that the data may have been stolen. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/customer-employee-data-nippon-steel-breach
-
Ransomware Activity Spikes Amid Qilin’s New Wave of Targeted Attacks
The Qilin group emerged as the leading player in the ransomware ecosystem, which saw a notable rise in activity during June 2025 in a startling escalation of cyber dangers. According to the latest Deep Web and Dark Web trend report, Qilin outpaced all other ransomware collectives, targeting a broad spectrum of high-value entities across government,…
-
VenusTech and Salt Typhoon Breach Sheds Light on China’s Covert Cyber Mercenary Networks
The dark web forum DarkForums, which has been a site for data breaches and leaks since BreachForums was shut down in mid-April, was the scene of two major leaks in late May involving Chinese cybersecurity organizations: VenusTech, a well-known IT security vendor, and Salt Typhoon, a state-sponsored advanced persistent threat (APT) organization affiliated with the…
-
Wie das Darknet funktioniert und warum es genutzt wird
Das Darknet gilt für viele als geheimnisvoller Ort im Internet. Es ist weder über gängige Suchmaschinen auffindbar noch ohne spezielle Software zugänglich. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/wie-das-darknet-funktioniert
-
Hunters International ransomware gang shuts down and offers free decryption keys to all victims
Hunters International ransomware gang announced its shutdown, citing unspecified >>recent developments>recent developments>We, […] First seen on securityaffairs.com Jump to article: securityaffairs.com/179667/cyber-crime/hunters-international-ransomware-gang-shuts-down-and-offers-free-decryption-keys-to-all-victims.html
-
Hunters International ransomware group shuts down but will it regroup under a new guise?
The notorious Hunters International ransomware-as-a-service operation has announced that it has shut down, in a message posted on its dark web leak site. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hunters-international-ransomware-group-shuts-down-but-will-it-regroup-under-a-new-guise
-
New >>123 – Stealer<< Malware Rented on Dark Web for $120/Month
A new credential-stealing malware, dubbed >>123 – Stealer,123 | Stealer
-
Dark Web Vendors Shift to Third Parties, Supply Chains
As attacks on software supply chains and third parties increase, more data on critical software and infrastructure services is being advertised and sold on the Dark Web. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/dark-web-vendors-third-parties-supply-chains