The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: underground hacker forums

Police Shut Down xDedic – An Online Market for Cyber Criminals

Police Shut Down xDedic – An Online Market for Cyber Criminals
January 28, 2019Mohit Kumar
In an international operation involving law enforcement authorities from the U.S. and several European countries, feds have shut down an online underground marketplace and arrested three suspects in Ukraine. Dubbed xDedic, the illegal online marketplace let cybercriminals buy, sell or rent out access to thousands of hacked computers and servers across the world and personally identifiable information of U.S. residents. The underground website had been around for years with its administrators strategically maintaining and concealing the locations of its servers all over the world to facilitate the operation of the underground site. xDedic offered buyers to search for over 176,000 unique compromised servers—which were usually in the form of credentials for compromised Remote Desktop Protocol (RDP) accounts—from around the world by price, operating system, or even their geographic location from where it was stolen. xDedic impacted victims in multiple industries, "including

Dangerous Malware Allows Anyone to Empty ATMs—And It's On Sale!

Dangerous Malware Allows Anyone to Empty ATMs—And It’s On Sale!
October 17, 2017Mohit Kumar
Hacking ATM is now easier than ever before. Usually, hackers exploit hardware and software vulnerabilities to hack ATMs and force them to spit out cash, but now anyone can simply buy a malware to steal millions in cash from ATMs. Hackers are selling ready-made ATM malware on an underground hacking forum that anybody can simply buy for around $5000, researchers at Kaspersky Lab discovered after spotting a forum post advertising the malware, dubbed Cutlet Maker . The forum post provides a brief description and a detailed manual for the malware toolkit designed to target various ATMs models with the help of a vendor API, without interacting with ATM users and their data. Therefore, this malware does not affect bank customers directly; instead, it is intended to trick the bank ATMs from a specific vendor to release cash without authorisation. The manual also mentions an infamous piece of ATM malware, dubbed Tyupkin , which was first analysed in 2014 by Kaspersky Lab and used

AlphaBay Dark Web Market Goes Down; Users Fear Exit-Scam

AlphaBay Dark Web Market Goes Down; Users Fear Exit-Scam
July 06, 2017Wang Wei
AlphaBay Market, one of the largest Dark Web marketplaces for drugs, guns, and other illegal goods, suddenly disappeared overnight without any explanation from its admins, leaving its customers who have paid large sums in panic. AlphaBay , also known as "the new Silk Road," has been shut down since Tuesday night. The site also came in the news at the beginning of this year when a hacker successfully hacked the AlphaBay site and stole over 200,000 private unencrypted messages from several users. Although the website sometimes goes down for maintenance, customers are speculating that the admins have stolen all their Bitcoins for good measure, when heard no words from the site's admins on the downtime. Some users at Reddit and Twitter are claiming that AlphaBay's admins may have shut down the marketplace to withdraw a huge number of bitcoins from the site's accounts. The withdrawal Bitcoin transactions total 1,479.03904709 Bitcoin (roughly $3.8 Million),

Source Code for another Android Banking Malware Leaked

Source Code for another Android Banking Malware Leaked
January 23, 2017Swati Khandelwal
Another bad news for Android users — Source code for another Android banking malware has been leaked online via an underground hacking forum. This newly discovered banking Trojan is designed to steal money from bank accounts of Android devices' owners by gaining administrator privileges on their smartphones. Apparently, it will attract the attention of many cyber criminals who can recompile the source code or can also use it to develop more customized and advanced variants of Android banking Trojans. According to security researchers from Russian antivirus maker Dr. Web, the malware's source code was posted online, along with the information on how to use it, meaning Android devices are most likely to receive an increasing number of cyber attacks in upcoming days. Leaked: Trojan Source Code + 'How to Use' Instructions Dr. Web researchers said they have already discovered one banking trojan in the wild developed using this leaked source code, adding that th

Warning! 32 Million Twitter Passwords May Have Been Hacked and Leaked

Warning! 32 Million Twitter Passwords May Have Been Hacked and Leaked
June 09, 2016Swati Khandelwal
The world came to know about massive data breaches in some of the most popular social media websites including LinkedIn , MySpace , Tumblr , Fling, and VK.com when an unknown Russian hacker published the data dumps for sale on the underground black marketplace. However, these are only data breaches that have been publicly disclosed by the hacker. I wonder how much more stolen data sets this Russian, or other hackers are holding that have yet to be released. The answer is still unknown, but the same hacker is now claiming another major data breach, this time, in Twitter. Login credentials of more than 32 Million Twitter users are now being sold on the dark web marketplace for 10 Bitcoins (over $5,800). LeakedSource, a search engine site that indexes leaked login credentials from data breaches, noted in a blog post that it received a copy of the Twitter database from Tessa88, the same alias used by the hacker who provided it hacked data from Russian social network VK.com

Hacker puts up 167 Million LinkedIn Passwords for Sale

Hacker puts up 167 Million LinkedIn Passwords for Sale
May 18, 2016Mohit Kumar
LinkedIn's 2012 data breach was much worse than anybody first thought. In 2012, LinkedIn suffered a massive data breach in which more than 6 Million users accounts login details, including encrypted passwords, were posted online by a Russian hacker. Now, it turns out that it was not just 6 Million users who got their login details stolen. Latest reports emerged that the 2012's LinkedIn data breach may have resulted in the online sale of sensitive account information, including emails and passwords, of about 117 Million LinkedIn users. Almost after 4 years, a hacker under the nickname "Peace" is offering for sale what he/she claims to be the database of 167 Million emails and hashed passwords, which included 117 Million already cracked passwords, belonging to LinkedIn users. The hacker, who is selling the stolen data on the illegal Dark Web marketplace " The Real Deal " for 5 Bitcoins (roughly $2,200), has spoken to Motherboard, confirming th

Malware And Hacking Forum Seized, Dozens Arrested

Malware And Hacking Forum Seized, Dozens Arrested
July 16, 2015Swati Khandelwal
The FBI and other law enforcement agencies have arrested more than 70 people suspected of carrying out cyber criminal activities associated with one of the most active underground web forums known as Darkode . Darkode , also used by notorious Lizard Squad , was an online bazaar for cyber criminals looking to buy and sell hacking tools, botnet tools, zero-day exploits, ransomware programs, stolen credit cards, spam services and many illicit products and services. Darkode had been in operation since 2007 before law enforcement authorities seized it this week as part of an investigation carried out in 20 different countries. "We have dismantled a cyber-hornet's' nest...which was believed by many, including the hackers themselves, to be impenetrable," said U.S. Attorney David J. Hickton . The crackdown, which the FBI dubbed Operation Shrouded Horizon , was initiated two years ago by its counterparts in Europe, Brazil and law enforcement agencies in more

Thousands of Hacked Uber Accounts Selling on Dark Web for $1

Thousands of Hacked Uber Accounts Selling on Dark Web for $1
March 30, 2015Wang Wei
$US1 may be a very little amount, but it is enough to buy you a stolen Uber account and free car rides around the city. Two separate vendors on AlphaBay , a relatively new Dark Web marketplace launched in late 2014, are selling active Uber accounts with usernames and passwords for $1 each, Motherboard reports . Once purchased, these active Uber accounts let you order up rides using the payment information provided on the file. Additionally, other sensitive information that comes with the purchase includes partial credit card data (the last four digits and expiration date), trip history, email addresses, phone numbers, and location information of users' home and work addresses. Over on AlphaBay market, a vendor identified as " Courvoisier " is claiming to sell hacked Uber accounts for $1 each. Under the product listing for ' x1 UBER ACCOUNT - WORLDWIDE TAXI!, ' anyone can buy a Uber account anonymously. Another vendor, identified as ThinkingFo

FBI Arrests 100 Hackers linked to Blackshades Malware

FBI Arrests 100 Hackers linked to Blackshades Malware
May 19, 2014Swati Khandelwal
On Friday, we reported about the large-scale operation of International raids launched by the FBI and other law enforcement officials in countries around the world to arrest the targeted customers of a popular Remote Administration Tool (RAT) called ' Blackshades ,' which is designed to take over the remote control of the infected computers and steal information. The news broke when various announcements on underground forums by hacking group members claimed that FBI especially going after all of them who purchased the hacking tool using PayPal as payment option. Today, the UK's National Crime Agency announced that the raids took place in more than 100 of countries and they have arrested more than 100 people worldwide involved in the purchasing, selling or using the Blackshades malware. More than half million computers in more than dozens of countries were infected by this sophisticated malware that has been sold on underground forums since at least 2010 to seve

Jailed cyber criminal hacked into prison computer system from Jail

Jailed cyber criminal hacked into prison computer system from Jail
March 04, 2013Mohit Kumar
Old habits seem to die hard for a hacker, a cyber criminal who masterminded a £15 million fraud was allowed to join a prison IT class and hacked into the jail's computer system. Nicholas Webber , serving five years in prison for running an internet crime forum Ghost Market , Which allowed those interested in creating computer viruses, partaking of stolen IDs and enjoying private credit card data to congregate. Webber had been arrested for using fraudulent credit card details to pay for a penthouse suite at the Hilton Hotel in Park Lane, Central London. The incident occurred back in 2011, but it only came to light recently " At the time of this incident in 2011 the educational computer system at HMP Isis was a closed network. No access to personal information or wider access to the internet or other prison systems would have been possible, " A spokesman fοr prison tοƖԁ the Daily Mail reported . His IT teacher, Michael Fox ,who was employed by Kensington

Why you should try to join some of the underground hacker forums that are out there

Why you should try to join some of the underground hacker forums that are out there
December 05, 2012Anonymous
Even if you are considered to be a white hat hacker, you are always still walking a fine line between being a bad guy and a good guy in many people eyes. There are a lot of people out there who believe that there should be no hacking at all being done and everyone who does it should be considered a criminal. Of course that is a very small myopic view of how being a white hat hacker really works but there is always going to be an element of that kind of thought out there. There are just a lot of people out there who believe that if you ban hacking outright that it will never be done. And that is simply just not true and is a pure fantasy. But if you really want to be a good and effective white hat hacker, then there are some elements about the other side that you should really get to know. If you want to be able to beat your enemies then you should be able to figure out how they operate. It is not enough for you to be able to take a look at their attacks and try to study their patterns
Exclusive Offers

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.