Point of View
OUR TAKE ON TRENDING STORIES
The exodus from Telegram feels like the digital equivalent of rats fleeing a sinking ship, except that in this case the captain invited the water on board. Once hailed as the free-speech messiah, Pavel Durov has done a full 180, swapping his halo for a "Please Comply with Authorities" sign. Telegram's latest Terms of Service update allows your IP address and phone number to be handed over faster than a hot potato if you so much as sneeze near a criminal investigation.
And if you’re looking for an “anonymous” number through Telegram, you’d better be ready to hand over everything short of your blood type and your grandma’s maiden name. They’re asking for your passport, selfie video, and probably a cute childhood story for good measure. At this point, the term "anonymous" is as meaningful as a politician’s promise during an election year. No wonder users are migrating faster than influencers to the next viral app.
Meanwhile, Andrew Tate’s website, The Real World, just learned the hard way that cybersecurity isn’t optional. A 14 GB data breach exposed everything from course material (which users paid $50/month for) to chat logs that can only be described as a toxic Call of Duty lobby fused with 4chan on steroids. Seriously, if Shakespeare were alive today, he’d have written sonnets about how unhinged these messages are.
To anyone caught in this breach: If you haven’t already, delete your LinkedIn account before HR stumbles across the searchable chat logs someone’s inevitably working on. It’s only a matter of time before recruiters start rejecting candidates because they were spotted in Tate's "broetry" forums. Moral of the story? Invest as much in security as you do in your ego—or end up a meme.
Now onto some justice, because Operation Magnus just served up cybercrime's version of a five-star beatdown. The Redline and Meta infostealers, the digital equivalents of mosquitoes in a swamp, have been wreaking havoc, stealing over 170 million plaintext passwords in just six months. (That is close to one stolen password for every fifty people on Earth. Bravo, scumbags.)
But thanks to the combined efforts of the Dutch Police, the FBI and an international coalition, key servers were seized, and the Russian suspect Maxim Rudometov has been named and charged. Unfortunately, extraditing him from Russia is like asking your cat to stop knocking things off the counter: possible, but unlikely without serious bribery.
In the meantime, the shutdown has caused major disruption in the cybercriminal world. Word on the dark web is that hackers are "considering other career options", like data-entry jobs, where they can use their stolen credentials for good instead of evil. To stay safe, though, remember: use strong, unique passwords, enable 2FA, and maybe don't reuse "Password123" for your bank login. Bear in mind that these stealers also lift saved browser passwords and session cookies, so if a machine has been infected a stolen cookie can walk straight past your 2FA; sign out of active sessions everywhere and rotate every credential the browser had saved. Let's not make the criminals' jobs any easier than they already are.
In short, it’s a big month for cybersecurity, with plenty of drama, data dumps, and criminals learning that karma has a killer sense of humour.
Breach Exposure Monitoring | Dark Web Monitoring + Surface Web Monitoring
Scan Any Domain for Free https://breachaware.com/scan
THIS MONTH'S SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
Doxing spree of members that dwell in the cybercrime underworld.
https://breachaware.com/research/doxing-spree-of-members-that-dwell-in-the-cybercrime-underworld
A total of 41 breaches were found and analysed resulting in 10,337,245 leaked accounts containing a total of 33 different data types. The breaches found publicly and freely available included UUU9, SWVL, Superhry, Pankhuri and Bibo Mart.
Attackers strive to destroy the Tor network.
https://breachaware.com/research/attackers-strive-to-destroy-the-tor-network
A total of 17 breaches were found and analysed resulting in 101,638,201 leaked accounts containing a total of 22 different data types. The breaches found publicly and freely available included 1Win - Part 2, Lalafo, Creditcard Consortium, Tibber and Thuocsi.
Alleged Snowflake hacker arrested, sparking retaliation from the threat actor community.
https://breachaware.com/research/alleged-snowflake-hacker-arrested-sparking-retaliation-from-threat-actor-community
A total of 29 breaches were found and analysed resulting in 78,149,373 leaked accounts containing a total of 39 different data types. The breaches found publicly and freely available included JD, InterBank, Topitop, 1Win and Stealer Log 0494.
One of the largest banks in Peru is reeling after massive security breach.
https://breachaware.com/research/one-of-the-largest-banks-in-peru-is-reeling-after-massive-security-breach
A total of 30 breaches were found and analysed resulting in 9,386,518 leaked accounts containing a total of 32 different data types. The breaches found publicly and freely available included Burger King - Russia, Wongnai, ExVagos 2, LionsCredit and Griffin Capital.
The notorious threat actor known as USDoD, a 33-year-old Brazilian named Luan, has finally been arrested in Brazil. His track record reads like a cybersecurity thriller, headlined by his infamous breach of InfraGard, the public-private partnership between the FBI and key industry players that works to protect U.S. critical infrastructure. By impersonating a finance CEO he was vetted onto the portal, downloaded a treasure trove of member data, and then put it up for sale on a cybercrime forum. As expected, this was like slapping a giant "wanted" sign on his forehead, but things didn't truly spiral until he took on cybersecurity heavyweight CrowdStrike.
After he leaked a list of threat actors CrowdStrike was monitoring, USDoD's victory was short-lived. CrowdStrike rapidly pieced together his identity and passed his details to a Brazilian tech news outlet. Remarkably, he took it in stride, even congratulating CrowdStrike and stating he was ready to face the consequences. Whether that sentiment came from humility or resignation, it didn't matter: Luan has now officially been "nicked."
Meanwhile, Microsoft's AI feature *Recall* (or, as some critics call it, "Rec-All") has stirred up fresh privacy concerns. Microsoft ships it only on Copilot+ PCs running Windows 11, machines that carry an NPU to run the AI workload locally. The feature takes periodic screenshots and builds a searchable timeline of everything that happens on the machine: think browser history, but for every window you have ever had open. Privacy advocates see it as a ready-made trove for anyone who gains access to the device, whether malware or a person who knows the user's password, because a single local database ends up holding the passwords, banking pages and private messages that happened to be on screen. The original preview stored that database unencrypted and readable by any process running as the user; after the backlash Microsoft made Recall opt-in, gated access behind Windows Hello and encrypted the store, but it still has shades of spyware, and many are questioning whether the feature is genuinely necessary.
In other under-the-radar news, the British government is quietly preparing to transfer control of the Chagos Islands, a group of atolls in the Indian Ocean, to Mauritius. The shift has more than a few tech companies raising an eyebrow, because it means the British Indian Ocean Territory will cease to exist, and with it the much-loved *.io* domain may be on the chopping block. Once the transition is official and the "IO" code is removed from the ISO 3166 standard, IANA's long-standing policy is to retire the corresponding country-code domain, which would mean an end to new .io registrations followed by a wind-down of the existing ones, and the end of an era for the tech industry's favourite top-level domain. So, if you've got a .io domain you love, hang on to it, but don't build a brand around it; this domain may soon be the stuff of digital nostalgia.
THIS MONTH'S SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
Call of Duty gamers targeted with anti-cheat exploit.
https://breachaware.com/research/call-of-duty-gamers-targeted-with-anti-cheat-exploit
A total of 22 breaches were found and analysed resulting in 5,145,008 leaked accounts containing a total of 24 different data types. The breaches found publicly and freely available included Le Slip Francais, Detmir, Illuvium, Stealer Log 0490 and Wine Style.
The beginning of the end for .io websites
https://breachaware.com/research/the-beginning-of-the-end-for-io-websites
A total of 15 breaches were found and analysed resulting in 25,581,512 leaked accounts containing a total of 22 different data types. The breaches found publicly and freely available included TEG, OpenSea, Stealer log 0489, Maksavit and SPIM.
100 domains seized following 120-page court order.
https://breachaware.com/research/100-domains-seized-following-120-page-court-order
A total of 22 breaches were found and analysed resulting in 13,158,059 leaked accounts containing a total of 22 different data types. The breaches found publicly and freely available included Kleinanzeigen, Boutiqaat, Nexo, Netherlands FOREX Consumer Leads and DigiDirect.
Debt and credit information exposed in recent Bank breach.
https://breachaware.com/research/debt-and-credit-information-exposed-in-recent-bank-breach
A total of 21 breaches were found and analysed resulting in 30,573,656 leaked accounts containing a total of 30 different data types. The breaches found publicly and freely available included Tianya Club, Stealer log 0487, Stealer Log 0488, Stealer log 0486 and GetCarrier.
This month we dove into the headline-grabbing theft of $243 million in crypto, a case solved by blockchain sleuth ZachXBT, who handed the intel to the Feds. But, in a move that proves cybercriminals never miss an opportunity for drama, another amusing episode has popped up. This time, photos circulated on social media show a rival hacker commandeering the screens of an exclusive club, broadcasting the message “Back to the lobby, Malone,” and—just for kicks—displaying what appeared to be Malone’s Social Security number on a neighbouring screen. No word on whether Malone is rethinking his life choices yet, but it's safe to say his day was ruined.
Meanwhile, the saga of Telegram has taken yet another sharp turn. Following the questionable arrest of CEO Pavel Durov earlier this month, Telegram's stance on working with law enforcement has been, well, fluid. To recap: Durov's private jet stopped to refuel in France, where he found himself scooped up by French authorities. Whatever grey areas international airspace may offer, none of them apply once the aircraft is on French soil, and someone had apparently tipped off the authorities that it would be. Durov was detained without formal charges, and after a few days of "investigation" he was released on a 5-million-euro bail on the condition that he cannot leave France.
In the wake of this, Telegram made a controversial statement about cooperating with law enforcement, claiming they’d only share user data for terrorism-related cases. Fast forward a couple of weeks, and they've walked it back again. Their new Terms & Conditions now state:
“If Telegram receives a valid order from the relevant judicial authorities that confirms you're a suspect in a case involving criminal activities that violate the Telegram Terms of Service, we will perform a legal analysis of the request and may disclose your IP address and phone number to the relevant authorities. If any data is shared, we will include such occurrences in a quarterly transparency report published at: https://t.me/transparency.”
Why is Telegram suddenly playing ball with the powers that be? Well, it’s likely the platform’s long-standing role as a haven for free speech (and, let’s be real, cybercriminals) is rubbing big governments the wrong way. Now, with other social media platforms neatly falling in line, Telegram is feeling the pressure. Naturally, this has sparked a "great migration" to the next digital safe haven, as users and cybercriminals alike begin seeking refuge from prying eyes.
THIS MONTH'S SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
Threat actor merges 3.3 billion unique email addresses from public data breaches.
https://breachaware.com/research/threat-actor-merges-3-billion-unique-email-addresses-from-public-data-breaches
A total of 29 breaches were found and analysed resulting in 3,822,233 leaked accounts containing a total of 34 different data types. The breaches found publicly and freely available included Central Tickets, Anonymous Spanish Data Archive, 2 Invoice, Tiendup and YPOK.
Blockchain detective speeds up arrest of two crypto thieves.
https://breachaware.com/research/blockchain-detective-speeds-up-arrest-of-two-crypto-thieves
A total of 35 breaches were found and analysed resulting in 7,110,820 leaked accounts containing a total of 29 different data types. The breaches found publicly and freely available included Sport 2000, Legendas.TV [2], Cash To You, Parking Pay and Brand New Tube [3].
We would rather “eat poop than pay a ransom.”
https://breachaware.com/research/we-would-rather-eat-poop-than-pay-a-ransom
A total of 23 breaches were found and analysed resulting in 10,466,698 leaked accounts containing a total of 30 different data types. The breaches found publicly and freely available included Lookiero, Tigo, DOJO, Grastin and OnlineGIBDD.
AI-powered property tech breach impacts US bank customers.
https://breachaware.com/research/ai-powered-property-tech-breach-impacts-us-bank-customers
A total of 27 breaches were found and analysed resulting in 36,605,520 leaked accounts containing a total of 32 different data types. The breaches found publicly and freely available included MindJolt, MyKukun, Factual, Passions Network and Dominos - Belgium.
Cuban Mobile Operator Data Breach Exposes Sensitive User Information
https://breachaware.com/research/cuban-mobile-operator-has-suffered-a-data-breach
A total of 26 breaches were found and analysed resulting in 33,301,424 leaked accounts containing a total of 29 different data types. The breaches found publicly and freely available included ShopBack, JKAmaret, Allegedly Habibs, Talent Smart EQ [URL redirected] and Stealer Log 0480.
Kim Dotcom, the mastermind behind MegaUpload, is finally being extradited to the U.S. from his New Zealand hideaway. For those who don't know, Kim ran MegaUpload, the notorious file-sharing site, from 2005 until 2012, right up until the FBI decided to crash the party: they shut down the site, seized the servers, and probably threw a few hard drives into the ocean for good measure. Kim has been playing a game of international "hide and seek" ever since. Well, the game might be up, because just 15 days ago New Zealand's justice minister signed the order allowing Kim to be shipped off to the U.S. for his alleged piracy shenanigans.
The U.S. authorities claim that Mr. Dotcom and his three trusty sidekicks cost the film and music industry a whopping $500 million. Now, $500 million sounds like a lot, because it is, but to put it in Hollywood terms, that is barely more than one Star Wars movie. Seriously, the 2015 "Star Wars: The Force Awakens" reportedly had a budget of $432 million! So, what's seventy-odd million between friends?
If Kim is indeed extradited, he’ll be facing three charges: money laundering, racketeering, and copyright infringement. Or as they call it in the underworld, the “hat trick.”
In a twist that no one saw coming, infamous hacker USDoD has been doxed! Apparently, he got "crowd struck" and decided it was time to hang up his virtual hoodie for good. The 33-year-old, whose real name is Luan Goncalves, is now calling it quits and plans to surrender himself to the Brazilian authorities. Yes, you read that right: a hacker voluntarily turning himself in. What's next, cats and dogs living together?
Luan’s no stranger to being doxed, but this time it seems he's finally had enough. Before you think he's going out with a whimper, let’s not forget he’s the brains behind some pretty serious data breaches, including the Infragard hack—a network of professionals who work with the FBI to protect U.S. critical infrastructure. Yeah, that kind of serious.
Other hackers in the community are wishing him luck and patting him on the back for his illustrious (if illegal) career. USDod, always one for dramatic exits, left a parting note on hackread.com: “This is not my end. Thank you; see you around. Don’t worry, Brazilian authorities, I’m coming to meet you; I’m not a threat; in fact, I can do much for my country.” Now, if that’s not a retirement speech, I don’t know what is.
In the latest episode of "Who Got Arrested Today?", Pavel Durov, the enigmatic founder of Telegram, has reportedly been taken into custody in France. Naturally, this has caused quite the uproar online. If Telegram is pressured into opening its servers to law enforcement, expect a mass exodus of threat actors, drug dealers and privacy enthusiasts alike to the next best end-to-end encrypted (E2EE) platform. Worth remembering: Telegram's default cloud chats, groups and channels are not end-to-end encrypted at all; only one-to-one Secret Chats are, so everything else already sits on Telegram's servers in a form Telegram can read and hand over.
Of course, it’s not like crime isn’t happening on other social media platforms. Instagram, Facebook, and Snapchat have their fair share of dodgy dealings, but those are all nicely under the control of Western authorities. But Telegram? That’s a whole different ball game. If the rumours are true, it's time to grab your usernames and get ready to migrate!
THIS MONTH'S SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
Finance company breached revealing 850 million records.
https://breachaware.com/research/finance-company-breached-revealing-850-million-records
A total of 15 breaches were found and analysed resulting in 65,131,591 leaked accounts containing a total of 24 different data types. The breaches found publicly and freely available included Pure Incubation Ventures, Eye4Fraud, APK, AvaTrade and Writers and Artists.
Health supplement maker failed to alert their three million customers of the breach.
https://breachaware.com/research/health-supplement-maker-failed-to-alert-their-three-million-customers-of-the-breach
A total of 31 breaches were found and analysed resulting in 8,514,163 leaked accounts containing a total of 24 different data types. The breaches found publicly and freely available included Piping Rock, Locally, Havenly, Bodog and Ragazzo Delivery.
DefCon conference gives local Las Vegas resort the jitters.
https://breachaware.com/research/defcon-conference-gives-local-las-vegas-resort-the-jitters
A total of 30 breaches were found and analysed resulting in 340,885,509 leaked accounts containing a total of 22 different data types. The breaches found publicly and freely available included Allegedly SOCRadar [USDoD], Rail Yatri, Wanelo [Update], Yatra and Youth Manual.
Previously trashed cybercrime forum is reopening.
https://breachaware.com/research/previously-trashed-cybercrime-forum-is-reopening
A total of 19 breaches were found and analysed resulting in 86,112,651 leaked accounts containing a total of 35 different data types. The breaches found publicly and freely available included Neiman Marcus, Zoosk 2020, Bukalapak, Heroes of Newerth and Zhenai.
In our most recent weekly insight, we delved into the escalating drama within the underground cybercrime community, particularly focusing on a feud between two threat actors and the administrators of Breach Forums. The rift began when the threat actors were banned for doxing, a clear violation of the forum’s rules. One of the disgruntled hackers responded by leaking the entire official data leaks page of the forum.
Breach Forums features a marketplace where users buy credits to purchase data breaches. These credits are usually accumulated by selling breaches, leading to substantial collections for dedicated hackers. The banned threat actors, having amassed a significant number of breaches, decided to upload all the data for free on a file hosting site, undermining the forum’s revenue model which relies on credit purchases with cryptocurrencies. This move has set the stage for what promises to be a contentious and chaotic few weeks.
On the corporate front, AT&T recently disclosed a breach in an 8-K filing with the SEC; the intrusion is attributed to the Shiny Hunters threat group. It was part of the wider campaign against customers of Snowflake, a cloud-based data platform, in which accounts that lacked multi-factor authentication were accessed with credentials harvested by infostealers, and which affected over 150 companies. The campaign first came to light when data from Ticketmaster appeared for sale on a notorious cybercrime forum. Despite SEC regulations mandating prompt disclosure, the FBI and DOJ granted AT&T two extensions due to potential national security risks.
In another twist, the FBI’s recent seizure of the Baphchat Telegram group has backfired. The group, associated with Baphomet and previously taken over during the FBI’s takedown of the OneBreach forum, has been reclaimed by a threat actor. A prominent threat actor and forum moderator celebrated the recovery, stating, "This is truly a heroic day for all of us and a shameful day for the FBI, who fumbled the seizure." The group’s link now proclaims, "This Telegram chat is under the control of Breachforums," and the chat is buzzing with threat actors rejoicing over the FBI’s blunder.
THIS MONTH'S SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
It's kicking off in the underground cyber crime community.
https://breachaware.com/research/its-kicking-off-in-the-underground-cyber-crime-community
A total of 25 breaches were found and analysed resulting in 29,695,958 leaked accounts containing a total of 25 different data types. The breaches found publicly and freely available included Trello, 7k7k, Sword Fantasy, Zaimer and Xiaomi.
Kaspersky is being booted out of the USA.
https://breachaware.com/research/kaspersky-is-being-booted-out-of-the-usa
A total of 9 breaches were found and analysed resulting in 2,948,750 leaked accounts containing a total of 14 different data types. The breaches found publicly and freely available included Avito, Lulu Hypermarket, The Cellula, Boutique Curly and NATO Wiki.
Husky owners breach spreads like wildfire.
https://breachaware.com/research/husky-owners-breach-spreads-like-wildfire
A total of 18 breaches were found and analysed resulting in 5,935,927 leaked accounts containing a total of 28 different data types. The breaches found publicly and freely available included Giant Tiger, Telegram Base 2019-2023, Stealer Log 0475, Stealer Log 0474 and Tattletale.
Doctors and physicians exposed, prime for phishing attacks.
https://breachaware.com/research/doctors-and-physicians-exposed-prime-for-phishing-attacks
A total of 32 breaches were found and analysed resulting in 32,522,728 leaked accounts containing a total of 35 different data types. The breaches found publicly and freely available included IndiHome, LenDenClub, USA Business Men & Investor Database, US Doctor's Database 2024 and Stealer log 0473.
"This is not white-hat hacking; it is extortion."
https://breachaware.com/research/this-is-not-white-hat-hacking-it-is-extortion
A total of 22 breaches were found and analysed resulting in 20,007,669 leaked accounts containing a total of 25 different data types. The breaches found publicly and freely available included Russian Electronic School, Stealer Log 0470, piZap, USA Mobile Device Management Software (MDM) User Database and Ticketmaster.
In the ever-dramatic world of cybercrime, a small dark-web forum has found itself in a downward spiral, now up for sale. As covered in our weekly insight, the forum was breached by an unknown threat actor, prompting the admin to panic and shut it down. This came just days after the admin had taken to Telegram to badmouth the threat actor community and insult Shiny Hunters, the admin of Breach Forums. It seems the forum’s admin couldn’t handle the backlash and is now throwing in the towel.
The admin has put the entire forum's database, Telegram channel and domain up for sale. The database is priced at $8,000, the domain at $600, and the Telegram channel at $2,000. In a somewhat surprising move, users can request the removal of their details from the database for free. There are also unsettling rumours that a former admin or prominent member of the community has died by suicide, casting a sombre shadow over an already chaotic situation.
In a moment of schadenfreude for both the online community and law enforcement, the LockBit ransomware group recently claimed to have breached the United States Federal Reserve. This audacious claim naturally raised eyebrows, but when the countdown on the leak site hit zero and the documents were published, it turned out to be a misdirection. The actual target was Evolve Bank & Trust, not the Federal Reserve. The confusion likely stemmed from a document mentioning the "United States Federal Reserve," which the affiliate, probably not fluent in English, misinterpreted. VX Underground humorously summed up the situation, pointing out the likely language barrier.
Meanwhile, Europol's Operation Endgame, its largest offensive against botnets to date, has resulted in the arrest of four individuals, one in Armenia and three in Ukraine. The crackdown saw law enforcement seize control of 2,000 domains and over 100 servers across Europe and the Americas. Although the market for stealer logs remains active, there has been a noticeable dip in availability. One of the main suspects is believed to have raked in over 69 million euros in cryptocurrency, illustrating the scale and profitability of these operations.
THIS MONTH'S SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
Administrators of $430 million dark web market have been arrested.
https://breachaware.com/research/administrators-of-430-million-dollar-dark-web-market-have-been-arrested
A total of 25 breaches were found and analysed resulting in 3,151,505 leaked accounts containing a total of 29 different data types. The breaches found publicly and freely available included mSpy, Stealer Log 0468, Kladzdor, Facebook [3] and Fit5.
Disgruntled employee wiped 180 virtual servers.
https://breachaware.com/research/disgruntled-employee-wiped-180-virtual-servers
A total of 20 breaches were found and analysed resulting in 19,990,155 leaked accounts containing a total of 23 different data types. The breaches found publicly and freely available included Lumin [2], Scentbird [2], Stealer Log 0467, Respect-Shoes and Tecnova Group.
Company backed by Facebook co-founder suffers large data breach.
https://breachaware.com/research/company-backed-by-facebook-co-founder-suffers-large-data-breach
A total of 30 breaches were found and analysed resulting in 7,203,587 leaked accounts containing a total of 29 different data types. The breaches found publicly and freely available included 51, Zadig and Voltaire, Stealer Log 0465, T Bank and Danto.
Threat actor group expose data relating to Mexican cartels.
https://breachaware.com/research/threat-actor-group-expose-data-relating-to-mexican-cartels
A total of 31 breaches were found and analysed resulting in 2,177,382 leaked accounts containing a total of 32 different data types. The breaches found publicly and freely available included Unigame, One Vers, National Association of Judicial Sales Institutes, Stealer Log 0463 and THConnect.
The saga of Breach Forums continues with twists and turns. Just when the FBI thought they'd scored another victory by seizing the infamous Breach Forums and arresting its co-administrator Baphomet, the remaining admin pulled a digital rabbit out of the hat. Despite the initial seizure of both the clear-net and Tor domains, as well as the Telegram channel, the FBI's victory was short-lived. Mere hours after the domain was seized and added to the FBI's account, the account was suspended, and the domain fell back into the hands of the elusive threat actor. Emails between the FBI and the domain registrar detailing this blunder have since surfaced online.
The apparent end of Breach Forums was, in fact, just the beginning of a new chapter. In less than two weeks, a new admin known as Shiny Hunters resurrected the forum from old backups, launching a new Tor domain and fresh Telegram group. Not only is the clear-net site back up and running, but Shiny Hunters has also made headlines by offering the entire Live Nation/Ticketmaster database—containing 560 million users—for a cool $500k USD. The identity of the buyer remains unknown, adding another layer of intrigue to this unfolding story.
In another development, a breach impacting several American government agencies, including the US armed forces, has surfaced on dark web platforms. The notorious threat actor IntelBroker, known for his swift and effective hacks, claimed to have accessed sensitive data from the breached site in just "10–15 minutes." The compromised company, established to address the evolving landscape of maritime domain awareness, now finds itself at the centre of a significant data leak.
Meanwhile, a well-known threat actor group has announced a dramatic shift in focus. Declaring their departure from financially motivated cybercrime, they have pledged to return to their roots in hacktivism and political hacking. Their latest leak, though unverified, promises to be substantial. The group claims to have exposed sensitive information affecting various Mexican cartels, including the Sinaloa and Jalisco cartels. This leak allegedly stems from a variety of sources, including government sites, cartel-supported centres, and shops. The data dump also includes an in-depth research writeup detailing cartel operations and locations. Our team is currently sifting through the data to verify the claims and assess the implications.
It's been an action-packed month for cybersecurity professionals, and as always, the landscape continues to evolve with each passing day.
THIS MONTH'S SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
Threat actors will find this kind of data pretty handy.
https://breachaware.com/research/threat-actors-will-find-this-kind-of-data-pretty-handy
A total of 24 breaches were found and analysed resulting in 4,340,106 leaked accounts containing a total of 23 different data types. The breaches found publicly and freely available included Kringle Cash, Stealer Log 0462, Games Nord, Money Man and NOSIS.
USDoD says that they're bringing Breach Forums back!
https://breachaware.com/research/usdod-says-that-theyre-bringing-breach-forums-back
A total of 25 breaches were found and analysed resulting in 61,491,599 leaked accounts containing a total of 25 different data types. The breaches found publicly and freely available included The Post Millennial, Share This, Book 24, Stealer Log 0457 and Stealer Log 0459.
Hacker boasts it took “10–15 minutes” to steal data that included US armed forces.
https://breachaware.com/research/hacker-boasts-it-took-10-15-minutes-to-steal-data-that-included-us-armed-forces
A total of 35 breaches were found and analysed resulting in 4,063,408 leaked accounts containing a total of 26 different data types. The breaches found publicly and freely available included ESN, Stealer Log 0456, SVR Labs, Kuchenland and Stealer Log 0455.
French clothing retailer has suffered a major cyber attack.
https://breachaware.com/research/french-clothing-retailer-has-suffered-a-major-cyber-attack
A total of 19 breaches were found and analysed resulting in 6,573,110 leaked accounts containing a total of 22 different data types. The breaches found publicly and freely available included Rendez-Vous, Stealer Log 0454, boAt Lifestyle, Expandia and Intergroup Gold.