#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

Deep Web | Breaking Cybersecurity News | The Hacker News

Round 4 — Hacker Puts 26 Million New Accounts Up For Sale On Dark Web

Round 4 — Hacker Puts 26 Million New Accounts Up For Sale On Dark Web
Mar 17, 2019
A hacker who was selling details of nearly 890 million online accounts stolen from 32 popular websites in three separate rounds has now put up a fourth batch of millions of records originating from 6 other sites for sale on the dark web. The Hacker News today received a new email from the Pakistani hacker, who goes by online alias Gnosticplayers and previously claimed to have hacked dozens of popular websites from companies which, according to him, probably had no idea that they were compromised. The hacker last month made three rounds of stolen accounts up for sale on the popular dark web market called Dream Market, posting details of 620 million accounts stolen from 16 websites in the first round, 127 million records from 8 sites in the second, and 92 million from 8 websites in the third. Although while releasing the third round Gnosticplayers told The Hacker News that it would be his last batch of the stolen database, the hacker released the fourth round containing nearl

Over 92 Million New Accounts Up for Sale from More Unreported Breaches

Over 92 Million New Accounts Up for Sale from More Unreported Breaches
Feb 18, 2019
All these numbers…. "More than 5 billion records from 6,500 data breaches were exposed in 2018" — a report from Risk Based Security says. "More than 59,000 data breaches have been reported across the European since the GDPR came into force in 2018" — a report from DLA Piper says. …came from data breaches that were reported to the public, but in reality, more than half of all data breaches actually go unreported. Just last week, we disclosed the existence of some massive unreported data breaches in two rounds, which a hacker has now started monetizing by selling stolen user databases publicly. Now, a new set of databases containing millions of hacked accounts from several websites has been made available for sale on the dark web marketplace by the same hacker who goes by online alias Gnosticplayers. Gnosticplayers last week made two rounds of stolen accounts up for sale on the popular dark web marketplace called Dream Market , posting details of near

Hands-on Review: Cynomi AI-powered vCISO Platform

Hands-on Review: Cynomi AI-powered vCISO Platform
Apr 10, 2024vCISO / Risk Assessment
The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcing security and compliance leadership to a vCISO, these organizations can more easily obtain cybersecurity expertise specialized for their industry and strengthen their cybersecurity posture. MSPs and MSSPs looking to meet this growing vCISO demand are often faced with the same challenge. The demand for cybersecurity talent far exceeds the supply. This has led to a competitive market where the costs of hiring and retaining skilled professionals can be prohibitive for MSSPs/MSPs as well. The need to maintain expertise of both security and compliance further exacerbates this challenge. Cynomi, the first AI-driven vCISO platform , can help. Cynomi enables you - MSPs, MSSPs and consulting firms

Real Identity of Hacker Who Sold LinkedIn, Dropbox Databases Revealed

Real Identity of Hacker Who Sold LinkedIn, Dropbox Databases Revealed
Nov 21, 2018
The real identity of Tessa88—the notorious hacker tied to several high-profile cyber attacks including the LinkedIn , DropBox and MySpace mega breaches—has been revealed as Maksim Vladimirovich Donakov (Максим Владимирович Донаков), a resident of Penza, Russian Federation. In early 2016, a hacker with pseudonym Tessa88 emerged online offering stolen databases from some of the biggest social media websites in the world, including LinkedIn, MySpace, VKontakte (vk.com), Dropbox, Rambler , and Twitter , for sale in various underground hacking forums. The stolen data, taken years ago from several social media sites, included more than half a billion username and password combinations, which were then used in phishing, account takeover, and other cyber attacks. Though Tessa88's profile was active for a few months between February and May 2016, the OPSEC analysis revealed that the same person was involved in various cybercriminal activities since as early as 2012 under different

WATCH: The SaaS Security Challenge in 90 Seconds

cyber security
websiteAdaptive ShieldSaaS Security / Cyber Threat
Discover how you can overcome the SaaS security challenge by securing your entire SaaS stack with SSPM.

French Dark-Web Drug Dealer Sentenced to 20 Years in US Prison

French Dark-Web Drug Dealer Sentenced to 20 Years in US Prison
Oct 11, 2018
A dark web drugs kingpin who was arrested last year when he arrived in the United States to compete in the World Beard and Mustache Championships has now been sentenced to 20 years in prison. On Tuesday, U.S. District Judge Robert N. Scola sentenced 36-year-old French national Gal Vallerius, aka "OxyMonster," after pleading guilty to conspiracy to possess with the intent to distribute controlled substances and conspiracy to launder money in June this year. According to a press release published by the U.S. Department of Justice, Vallerius was an administrator, senior moderator and vendor on Dream Market —one of the largest dark web marketplaces for illegal narcotics and drug paraphernalia. Launched in November 2013, Dream Market began operating on the TOR "dark web" network and was designed to make it easier for people to anonymously buy and sell illegal items and services in exchange for Bitcoin and other peer-to-peer cryptocurrencies. Vallerius initi

Hacker Sold Stolen U.S. Military Drone Documents On Dark Web For Just $200

Hacker Sold Stolen U.S. Military Drone Documents On Dark Web For Just $200
Jul 11, 2018
You never know what you will find on the hidden Internet ' Dark Web .' Just about an hour ago we reported about someone selling remote access linked to security systems at a major International airport for $10 . It has been reported that a hacker was found selling sensitive US Air Force documents on the dark web for between $150 and $200. Cybercrime tracker Recorded Future today reported that it discovered a hacker attempting to sell secret documents about the MQ-9 Reaper drone used across federal government agencies for only a few hundred dollars on a Dark Web forum last month. First introduced in 2001, the MQ-9 Reaper drone is currently used by the U.S. Air Force, the U.S. Navy, U.S. Customs and Border Protection, NASA, the CIA, and the militaries of several other countries. The tech intelligence's Insikt Group analysts found the hacker during their regular monitoring of the dark web for criminal activities. They posed as potential buyers and engaged the new

Hacker Puts Airport's Security System Access On Dark Web Sale For Just $10

Hacker Puts Airport's Security System Access On Dark Web Sale For Just $10
Jul 11, 2018
If you can't find it on Google, you will definitely find it on the Dark Web . Black markets on the Dark web are not known for just buying drugs, it is a massive hidden network where you can buy pretty much anything you can imagine—from pornography, weapon, and counterfeit currencies, to hacking tools, exploits, malware, and zero-days. One such type of underground marketplace on Dark Web is RDP Shop, a platform from where anyone can buy RDP access (remote desktop protocol) to thousands of hacked machines for a small fee. While investigating several underground RDP shops, security researchers from the McAfee's Advanced Threat Research team discovered that someone is selling remote access linked to security systems at a major International airport for as low as $10. Yes, that's $10, I didn't miss any zeros. Instead of buying RDP credential, researchers used the Shodan search engine to find the correct IP address of the hacked Windows Server machine, whose ad

The Rise of Super-Stealthy Digitally Signed Malware—Thanks to the Dark Web

The Rise of Super-Stealthy Digitally Signed Malware—Thanks to the Dark Web
Nov 06, 2017
Guess what's more expensive than counterfeit United States passports, stolen credit cards and even guns on the dark web? It's digital code signing certificates. A recent study conducted by the Cyber Security Research Institute (CSRI) this week revealed that stolen digital code-signing certificates are readily available for anyone to purchase on the dark web for up to $1,200. As you may know, digital certificates issued by a trusted certificate authority (CA) are used to cryptographically sign computer applications and software, and are trusted by your computer for execution of those programs without any warning messages. However, malware author and hackers who are always in search of advanced techniques to bypass security solutions have been abusing trusted digital certificates during recent years. Hackers use compromised code signing certificates associated with trusted software vendors in order to sign their malicious code, reducing the possibility of their malw

Dangerous Malware Allows Anyone to Empty ATMs—And It's On Sale!

Dangerous Malware Allows Anyone to Empty ATMs—And It’s On Sale!
Oct 17, 2017
Hacking ATM is now easier than ever before. Usually, hackers exploit hardware and software vulnerabilities to hack ATMs and force them to spit out cash, but now anyone can simply buy a malware to steal millions in cash from ATMs. Hackers are selling ready-made ATM malware on an underground hacking forum that anybody can simply buy for around $5000, researchers at Kaspersky Lab discovered after spotting a forum post advertising the malware, dubbed Cutlet Maker . The forum post provides a brief description and a detailed manual for the malware toolkit designed to target various ATMs models with the help of a vendor API, without interacting with ATM users and their data. Therefore, this malware does not affect bank customers directly; instead, it is intended to trick the bank ATMs from a specific vendor to release cash without authorisation. The manual also mentions an infamous piece of ATM malware, dubbed Tyupkin , which was first analysed in 2014 by Kaspersky Lab and used

Dark-Web Drug Dealer Arrested After He Travelled US for World Beard Championships

Dark-Web Drug Dealer Arrested After He Travelled US for World Beard Championships
Sep 28, 2017
United States authorities arrested suspected dark web drug kingpin late last month while he was travelling from his base in France to the United States of America for this year's annual World Beard and Mustache Championships. Gal Vallerius, a 38-year-old French national, was travelling to Austin, Texas, for the competition but was caught by U.S. authorities on August 31 upon landing at Atlanta International Airport on a distribution complaint filed in Miami federal court, The Miami Herald reported Tuesday. Authorities confirmed Vallerius' identity to the online moniker " OxyMonster ," which was previously used to sell drugs on an illegal underground dark web marketplace called Dream Market by searching his laptop that the brown-beard contestant carried with him. Alleged Moderator/Admin Of Dark-Web Dream Market According to Drug Enforcement Administration (DEA) affidavit filed in September, Vallerius was an administrator, senior moderator and vendor on Dream

Feds Seize AlphaBay and Hansa Markets in Major Dark-Web Bust

Feds Seize AlphaBay and Hansa Markets in Major Dark-Web Bust
Jul 20, 2017
It's finally confirmed — In a coordinated International operation, Europol along with FBI, DEA (Drug Enforcement Agency) and Dutch National Police have seized and taken down AlphaBay , one of the largest criminal marketplaces on the Dark Web. But not just AlphaBay , the law enforcement agencies have also seized another illegal dark web market called HANSA , Europol confirmed in a press release today. According to Europol, both underground criminal markets are "responsible for the trading of over 350,000 illicit commodities including drugs, firearms and cybercrime malware." On July 4th, AlphaBay suddenly went down without any explanation from its administrators, which left its customers in panic. Some of them even suspected that the website's admins had pulled an exit scam and stole user funds. However, last week it was reported that the mysterious shut down of the dark web marketplace was due to a series of raids conducted by the international authorities.

AlphaBay Shut Down After Police Raid; Alleged Founder Commits Suicide in Jail

AlphaBay Shut Down After Police Raid; Alleged Founder Commits Suicide in Jail
Jul 14, 2017
AlphaBay Market — one of the largest Dark Web marketplaces for drugs, guns, and other illegal goods — that mysteriously went dark earlier this month without any explanation from its admins has reportedly been shut down by the international authorities. On July 4th, the dark web marketplace suddenly went down without any explanation from its admins, which left its customers who have paid large sums in panic. Some customers even suspected that the site's admins had pulled an exit scam to steal user funds. However, according to the Wall Street Journal , the disappearance of the AlphaBay came after authorities in the United States, Canada, and Thailand collaborated to conduct a series of raids and arrest  Alexandre Cazes , who allegedly was one of the AlphaBay's operators. Citing "people familiar with the matter," the publication claims that Cazes, a resident of Canada, was arrested in Thailand and taken into custody in Bangkok on July 5th, the same day the

AlphaBay Dark Web Market Goes Down; Users Fear Exit-Scam

AlphaBay Dark Web Market Goes Down; Users Fear Exit-Scam
Jul 06, 2017
AlphaBay Market, one of the largest Dark Web marketplaces for drugs, guns, and other illegal goods, suddenly disappeared overnight without any explanation from its admins, leaving its customers who have paid large sums in panic. AlphaBay , also known as "the new Silk Road," has been shut down since Tuesday night. The site also came in the news at the beginning of this year when a hacker successfully hacked the AlphaBay site and stole over 200,000 private unencrypted messages from several users. Although the website sometimes goes down for maintenance, customers are speculating that the admins have stolen all their Bitcoins for good measure, when heard no words from the site's admins on the downtime. Some users at Reddit and Twitter are claiming that AlphaBay's admins may have shut down the marketplace to withdraw a huge number of bitcoins from the site's accounts. The withdrawal Bitcoin transactions total 1,479.03904709 Bitcoin (roughly $3.8 Million),

French Police Seize 6 Tor Relay Servers in WannaCry Investigation

French Police Seize 6 Tor Relay Servers in WannaCry Investigation
Jun 11, 2017
WannaCry , the biggest ransomware attack in the history, gained prominence very rapidly in the media globally after the ransomware infected more than 300,000 computers in over 150 countries within just 72 hours. Governments, Intelligence agencies and law enforcement around the world have already started their investigations and are working closely with affected companies to track down hackers responsible for the global cyber attack launched on Friday, 12th May. Some researchers traced back WannaCry to a state-sponsored hacking group in North Korea, while other believed the perpetrators might be Chinese . If you have been following WannaCry coverage on The Hacker News, you should be aware of that the WannaCry ransomware uses Tor hidden service to communicate with its command-and-control server. Just yesterday, we came to know that French authorities had seized at least 6 Tor's entry guard node servers, hosted on France-based hosting providers, just two days after the o

Hacker Selling Over 1 Million Decrypted Gmail and Yahoo Passwords On Dark Web

Hacker Selling Over 1 Million Decrypted Gmail and Yahoo Passwords On Dark Web
Mar 06, 2017
Hardly a day goes without headlines about any significant data breach. In past year, billions of accounts from popular sites and services, including LinkedIn , Tumblr , MySpace , Last.FM , Yahoo! , VK.com were exposed on the Internet. Now, according to the recent news, login credentials and other personal data linked to more than one Million Yahoo and Gmail accounts are reportedly being offered for sale on the dark web marketplace. The online accounts listed for sale on the Dark Web allegedly contain usernames, emails, and plaintext passwords. The accounts are not from a single data breach; instead, several major cyber-attacks believed to have been behind it. The hacker going by the online handle 'SunTzu583' has listed a number of cracked email packages on a series of dark websites, HackRead reported. Here's the Full List of Accounts and their Prices: 100,000 Yahoo accounts acquired from 2012 Last.FM data breach , for 0.0084 Bitcoins ($10.76). Another 1

AlphaBay Dark Web Marketplace Hacked; Exposes Over 200,000 Private Messages

AlphaBay Dark Web Marketplace Hacked; Exposes Over 200,000 Private Messages
Jan 25, 2017
AlphaBay, possibly the largest active dark web marketplace at the moment, has paid a hacker after he successfully exploited vulnerabilities in the internal mailing system of the website and hijacked over 200,000 private unencrypted messages from several users. The hacker, using the pseudonym Cipher0007, disclosed two "high-risk bugs" two days ago on Reddit that allowed him to gain access to troves of private messages belonging to buyers and sellers on the dark website, AlphaBay admins announced on Tuesday. It turns out that the messages were not encrypted by default, which gave the hacker ability to view all messages between vendors and buyers selling and purchasing everything from illicit drugs to exploits, malware, and stolen data. Over 218,000 Private Messages of Anonymous Dealers Exposed To prove he had successfully compromised the AlphaBay website, the hacker posted five screenshots of random user private conversations, showing that AlphaBay users had op

State-Sponsored SCADA Malware targeting European Energy Companies

State-Sponsored SCADA Malware targeting European Energy Companies
Jul 13, 2016
Security researchers have discovered a new campaign targeting energy companies in Western Europe with a sophisticated malware that almost goes to great lengths in order to remain undetected while targeting energy companies. Researchers from SentinelOne Labs discovered the malware, which has already infected at least one European energy company, is so sneaky and advanced that it is likely believed to be the work of a wealthy nation. The malware, dubbed ' SFG ', contains about 280 kilobytes of code, featuring a vast arsenal of tools rarely seen in ordinary malware samples. It takes " extreme measures " to cleverly and stealthily evade a large number of security defenses before it drops its payload. The malware dismantles antiviruses processes one-by-one until the malware is finally safe to uninstall them all. It also encrypts key features of its code so that it could not be discovered and analyzed. It'll not execute itself if it senses it's being run in

Mozilla asks Court to disclose Firefox Exploit used by FBI to hack Tor users

Mozilla asks Court to disclose Firefox Exploit used by FBI to hack Tor users
May 13, 2016
Mozilla has filed a brief with a U.S. District Court asking the FBI to disclose the potential vulnerabilities in its Firefox browser that the agency exploited to unmask TOR users in a criminal investigation. Last year, the FBI used a zero-day flaw to hack TOR browser and de-anonymize users visiting child sex websites. Now, Mozilla is requesting the government to ask the FBI about the details of the hack so that it can ensure the security of its Firefox browser. TOR is an anonymity software that provides a safe haven to human rights activists, government, journalists but also is a place where drugs, child pornography, assassins for hire and other illegal activities has allegedly been traded. TOR Browser Bundle is basically an Internet browser based on Mozilla Firefox configured to protect the user's anonymity via Tor and Vidalia. In 2015, the FBI seized computer servers running the world's largest dark web child pornography site 'Playpen' from a web host in Lenoir, No
Cybersecurity Resources