Category Archives: Dark Web

We deal with all the topics on the Dark Web as well as all its excesses.

Darknet: user data sold

Hackers decided to upload data to the Darknet and steal it from a two-year cyber espionage campaign.

The number of people affected by this massive data leak is more than 600,000. The mail service provider victim of this computer attack is none other than the Italian operator known as Email.it, which is recognized in the sector as a specialist in the provision of services in the field of e-mail.We opened a breach in the data center Email.it more than two years ago and settled down like an APT, the malicious point out.We took all the sensitive data possible from their server and then we chose to give them a chance to fill their holes by asking for a small bonus. They refused to talk to us and continued to deceive their users/customers. meant the hackers responsible for the leak.

This article will also interest you: 7600 websites of the Dark web offline after the attack of their host

They call themselves NoName Hacking Group. They then decide to put for sale the data they have collected following the company's refusal to give in to their blackmail. As such, the hacker group is offering about 5 to bit of personal data from the provider for 20,000 euros, or CAD$ 30,000. And about 15,000 euros to have access to all emails and attachments collected during the 2 years of espionage. And that's not all, it provides its customers with 46 databases, a backdoor access to the italian firm's website and even the source code of applications related to the site. In addition, for 600,000 passwords and other private information of users for only 3000 euros."We took as much sensitive data as possible from their servers and chose to give them a chance to plug their holes and ask them for a small reward," NNHG concludes. They refused to talk to us and continued to lie to their users and customers.explains the group of pirates.

They also note that the company does not have enough security measures to protect its users' data. For example, user correspondence, whether e-mail, faxes or other individual information, was not protected by encryption. This is a real fault on the part of the company. It is clear that the regulators will be referred to this matter and a fine or several may fall to this level. In addition, hackers noted that they had infiltrated the company's network since 2018 through a backdoor. And during these 2 years, the company has not detected their presence or even an irregularity. Unfortunately, this indicates a certain lack of safety.

Now access an unlimited number of passwords:

Check out our hacking software

7600 Dark web websites offline after their host's attack

This is a second hack in the space of just 16 months.

Accommodation service provider Daniel's Hosting has made a new pirate. The facts have been brought to light since last week, and the consequences are more serious than the first time. Indeed, the immediate consequence of this hacking was to force the largest host of free web service to cease its activities. The hacker behind the attack removed the entire database from the host's portal, thus putting more than 7,600 hidden websites offline.

This article will also interest you: What is the Darknet or the Dark Web?

According to information gathered host, it is at the beginning of March precisely in the around the 10th of the month, that the information was published on the portal that no longer exists. According to Daniel Winzen, the one originally the back end of the service observed an intrusion. from the hacker was able to delete all the data to ensure the accommodation service. And the hacker didn't just stop there, it has put in place other services that it could use in future actions. And it wasn't until the next day that the supplier realized. at by then almost all of the data was already lost. What is terrible, because this kind of service does not keep backups

The publisher mentioned that he did not know how the hacker managed to break into the back end its program. However, he does not intend to continue the investigation. To tell you the truth, the accommodation service was only a hobby for him, he said. « I am currently very busy with my daily life and other projects, I decided not to spend too much time investigating."

But he later added that the hacking did not directly affect users' accounts who had their websites hosted on his platform. Apparently the cyberattack has affected me only the back end. However, he advises his users to consider all of some of the data such as passwords. So he advises them to proceed changes to their identification mode.

The publisher also announced that for the time, its hosting service on the Dark Web will not be active: "It's a project on my free time, which I do next to my full-time job, and try to keep the server clean against illegal and fraudulent sites requires a lot of time (…) I spend 10 times as much time deleting accountability than to continue development. At the moment, I don't have intend to continue the accommodation project." But he adds that the project is not completely abandoned, although he advises his users to turn to other free hosting services on the Dark web such as Freedom Hosting Reloaded OneHost. However, a return is foreseen. "I still plan to relaunch the service at a later date with new features and improvements (…) Not having to administer services all the time will hopefully give me more time for the real development. However, it may be months before I am ready to revive it. he wanted to clarify.

As a reminder, when it first hacked in November 2018, the hosting service lost more than 6,500 websites at the time, after a hacker managed to take control of the database server.

Now access an unlimited number of passwords:

Check out our hacking software



Dark Web dealers and Black Friday

As can be read on some presses, Black Friday has spread to the Dark web.

Hackers and web criminals want to take advantage of this commercial event to put on their digital displays, their product which more often than not illegal. Always in the spirit of this commercial event, the products it makes available to their customers and just as at broken prices. Among the most sold products during this period were stolen bank cards, drugs and hacking software.

This article may also interest you: 3.7 million customers of the Parisian brand Séphora for sale on the Dark Web

As the computer security company Cyber Risk means, For more than a week now, about 1,600 Black Friday-themed posts have been detected on dark web forums. It is even possible to see offers of up to 30% discount on some of the products and even additional discount granted to certain customers whose transaction amount exceeds 2000 euros. "People are always looking for bargains, whether it's normal consumers or cyber criminals. That's why in November, users of dark web forums flock to create chats and focus groups dedicated to researching and sharing the best Black Friday deals," Alex Guirakhoo, a research analyst for Digital Shadows, another it security firm, told The Independent.

We see that from now on, sales periods are becoming more and more common on the dark web. Black Friday has become, it seems as important a period for digital crime traders as it is for traditional traders. However something separates these two types of traders. Indeed, cyber criminals do not usually sell during the year for some. It keeps the product especially for this kind of date. For this reason, we notice on the dark web a greater number of illicit products marketed on the dark web from November 29. In addition, it is envisaged that on December 2nd precisely the activity of the dark web regarding Black Friday it may experience a peak, especially during Cyber Monday.

This commercial event, which was once reserved only for online shopping, has now become a very special and most important sales day in the United States. it is estimated about 20 billion euros spent by the French on online purchases during Black Friday. Because of this influx, drug dealers are more likely to use social networks to advertise. Indeed, cyber criminals do not hesitate to use certain messaging services such as Telegram or Instagram. this makes it easier for them to highlight their products that will be available on the darknet market. Some even include promotional codes and discount coupons in their offer to get the most customers on certain products such as cocaine or malware intended for hacking.

According to the authorities, all these communication strategies are paying off. According to a report, online drug sales brought in more than $28 million between 2017 and 2018. "We've seen the same strategies used by online merchants and physical shops, used by these criminals in these illegal markets," said James Chapelle, co-founder of Digital Shadows. The computer security company recommends that you be more vigilant when you click on ads of questionable provenance during this time of year. Some take the opportunity to slip malware.

Now access an unlimited number of passwords:

Check out our hacking software



3.7 million customers of the Parisian brand Séphora for sale on the Dark Web

It was discovered very recently by the cybersecurity firm called Group-IB that personal information was being sold on Darkweb, the dark side of the Internet, a popular place for hackers.

This personal information belonged to the clients of the firm Sephora. About 3.7 million people were affected by this personal data receipt.

This article may also be of interest to you: Epitech is getting hacked

According to the Singapore-based it security firm, the sale began between July 7 and July 17 this year. As for the leak, it would go back since February of this year. The first stolen database that was for sale would contain approximately five hundred thousand (500,000) personal references and login credentials (passwords, names, usernames, etc.). All of its references concern clients who routinely visit the Sites, Indonesian and Thai sephora.

The second database began circulating around July 28 of this year. According to the cybersecurity firm, it contains 3.2 million personal references and was referred to as "Sephora 2019/03 – Shopping. ». Its leak dates from March of this year.

Group-IB claims it had to use an undercover strategy to be able to access the platform for the sale of stolen data. Platform that is reserved for a very closed group of hackers. The company claims to have had access to samples of the data marketed fraudulently. In this regard, the information is very much about individuals, their personal and even physical characteristics. Indeed, the firm's experts say they have seen data such as the names and surnames of several people, login credentials (usernames, passwords, etc.), IP addresses, login data, ethnicity, hair color, gender, etc. In addition, references from Sephora customers such as eye, skin or toiletry habits were also available. In short, it was a treasure trove of personal information. This makes it easier to impersonate or other online scams. And most shockingly, all the information sold with its precise details costs only 1900 U.S. dollars equivalent to 1700 euros.

The computer security company after its discovery informed the Séphora brand in an official press release, which officially informed all its customers and the media that the personal data relating to its customers had indeed been stolen and put up for sale. The affected customers were users of its online customers from Malaysia, Indonesia, Thailand, Singapore, Philippines, New Zealand, Australia and Hong Kong.

This receipt of personal data seems to to the delight of some that they have not reached the European clientele of the French brand. Avoiding the brand with a hefty fine by the authorities digital regulation.

Séphora, for its part, reassures that no information relating to bank identifiers has been stolen and sold. The company says there is no evidence that the stolen information has already been exploited. In addition, security experts were contacted and after analysis concluded that no major flaws were the cause of the leak. And strangely no hacker attacks were discovered. As a result, it is believed that the data surely leaked from a corrupt employee or bad intentions. Singapore's personal data protection authority, the Personal Data Protection Commission of Singapore, said it was opening an investigation into the matter.

Now access an unlimited number of passwords:

Check out our hacking software