In the ever-dramatic world of cybercrime, a small dark-web forum has found itself in a downward spiral, now up for sale. As covered in our weekly insight, the forum was breached by an unknown threat actor, prompting the admin to panic and shut it down. This came just days after the admin had taken to Telegram to badmouth the threat actor community and insult Shiny Hunters, the admin of Breach Forums. It seems the forum’s admin couldn’t handle the backlash and is now throwing in the towel.

The admin has put the entire forum's database, Telegram channel, and domain up for sale. The database is priced at $8,000, the domain at $600, and the Telegram channel at $2,000. In a somewhat surprising move, users can request the removal of their details from the database for free. There are also unsettling rumours that a former admin or prominent member of the community has tragically committed suicide, casting a somber shadow over an already chaotic situation.

In a moment of schadenfreude for both the online community and law enforcement, the Lockbit ransomware group recently claimed to have breached the United States Federal Reserve. This audacious claim naturally raised eyebrows, but as the countdown timer for the authenticity of the documents hit zero, it turned out to be a misdirection. The actual target was Evolve Bank & Trust, not the Federal Reserve. The confusion likely stemmed from a document mentioning the "United States Federal Reserve," which the affiliate, probably not fluent in English, misinterpreted. VX Underground humorously summed up the situation, pointing out the likely language barrier issue.

Meanwhile, Europol’s "End Game" operation, their largest offensive against botnets, has resulted in the arrest of four individuals—one from Armenia and three from Ukraine. This crackdown has seen law enforcement seize control of 2,000 domains and 100 servers across Europe and the Americas. Although the market for stealer logs remains active, there has been a noticeable dip in availability. One of the main suspects is believed to have raked in over 69 million euros in cryptocurrency, illustrating the scale and profitability of these operations.

Breach Exposure Monitoring | Dark Web Monitoring + Surface Web Monitoring
Scan Any Domain for Free https://breachaware.com/scan

THIS MONTHS SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES

Administrators of $430 million dark web market have been arrested.
https://breachaware.com/research/administrators-of-430-million-dollar-dark-web-market-have-been-arrested
A total of 25 breaches were found and analysed resulting in 3,151,505 leaked accounts containing a total of 29 different data types. The breaches found publicly and freely available included mSpy, Stealer Log 0468, Kladzdor, Facebook [3] and Fit5.

Disgruntled employee wiped 180 virtual servers.
https://breachaware.com/research/disgruntled-employee-wiped-180-virtual-servers
A total of 20 breaches were found and analysed resulting in 19,990,155 leaked accounts containing a total of 23 different data types. The breaches found publicly and freely available included Lumin [2], Scentbird [2], Stealer Log 0467, Respect-Shoes and Tecnova Group.

Company backed by Facebook co-founder suffers large data breach.
https://breachaware.com/research/company-backed-by-facebook-co-founder-suffers-large-data-breach
A total of 30 breaches were found and analysed resulting in 7,203,587 leaked accounts containing a total of 29 different data types. The breaches found publicly and freely available included 51, Zadig and Voltaire, Stealer Log 0465, T Bank and Danto.

Threat actor group expose data relating to Mexican cartels.
https://breachaware.com/research/threat-actor-group-expose-data-relating-to-mexican-cartels
A total of 31 breaches were found and analysed resulting in 2,177,382 leaked accounts containing a total of 32 different data types. The breaches found publicly and freely available included Unigame, One Vers, National Association of Judicial Sales Institutes, Stealer Log 0463 and THConnect.