EurekAlert: No honor among cyber thieves

EurekAlert: No honor among cyber thieves. “A backstabbing crime boss and thousands of people looking for free tutorials on hacking and identity theft were two of the more interesting findings of a study examining user activity on two online ‘carding forums,’ illegal sites that specialize in stolen credit card information.”

The Verge: Instacart users’ personal data, including order history, is reportedly being sold online

The Verge: Instacart users’ personal data, including order history, is reportedly being sold online. “The personal data of hundreds of thousands of Instacart users is being sold on the dark web for around $2 per person, according to a report from BuzzFeed. The publication says information including ‘names, the last four digits of credit card numbers, and order histories’ appearing to belong to 278,531 Instacart accounts is available to buy. (Though it’s impossible to verify that this number doesn’t include duplicates or incorrect data.) BuzzFeed did confirm with two Instacart users that the order date, transaction amount, and credit card numbers included in the cache matched their recent purchases. The data also includes users’ emails addresses.”

Navy to sailors: Please stop buying LSD online (Task & Purpose)

Task & Purpose: Navy to sailors: Please stop buying LSD online . “The Naval Criminal Investigative Service has a message for America’s sailors: Please, for the love of Poseidon and the Seven Seas, stop buying hallucinogens in the dark corners of the Internet. NCIS last week issued a warning to sailors to the risks of acquiring LSD on the so-called ‘dark web,’ the network of often-illicit sites accessible through specialized browsers that offer users ‘perceived anonymity.'”

Security Boulevard: High-Profile Data Thefts Shine Spotlight on Dark Web

Security Boulevard: High-Profile Data Thefts Shine Spotlight on Dark Web. “Recent ransomware threats leveled at President Trump, Lady Gaga and Madonna have raised awareness of the need to not only better secure data but also devoting more resources to determine what data has been exposed on the Dark Web. The cybercriminals who make up the REvil (Sodinokibi) ransomware gang this week launched an auction site where they plan to sell stolen data they were unable to ransom. Previously, REvil claimed to have stolen data from Grubman Shire Meiselas & Sacks, a law firm that primarily serves celebrities, and Agromart, an agricultural company based in Canada. Other apparent victims include Wartman Law Firm, Fraser Wheeler and Courtney LLP and Vierra Magen Marcus LLP.”

BBC: Dark web scammers exploit Covid-19 fear and doubt

BBC: Dark web scammers exploit Covid-19 fear and doubt. “‘They’re exploiting the fear, uncertainty and doubt people are experiencing during the pandemic, and using the anxiety and desperation to get people to buy things or click on things they wouldn’t have otherwise,’ says Morgan Wright, a former senior adviser to the US Department of State anti-terrorism assistance programme. He’s talking about the scammers and criminals that inhabit the “dark web” who have found a new angle – anxiety over Covid-19.”

BetaNews: ‘Fraud guides’ account for almost half of material for sale on dark web markets

BetaNews: ‘Fraud guides’ account for almost half of material for sale on dark web markets. “Digital risk protection company Terbium Labs has released a trend report on the stolen and fraudulent data of three of the largest multi-good dark web marketplaces, which finds that fraud guides account for 49 percent of the data being sold. Personal data lags some way behind at at 15.6 percent, followed by non-financial accounts and credentials (12.2 percent), financial accounts and credentials (8.2 percent), fraud tools and templates (eight percent) and payment cards (seven percent).”

BetaNews: Stolen Zoom account credentials are freely available on the dark web

BetaNews: Stolen Zoom account credentials are freely available on the dark web. “Loved, hated, trusted and feared in just about equal measure, Zoom has been all but unavoidable in recent weeks. Following on from a combination of privacy and security scandals, credentials for numerous Zoom account have been found on the dark web.”

BetaNews: The Dark Web turns 20 this month

BetaNews: The Dark Web turns 20 this month. “While we’re all being encouraged to sing ‘Happy Birthday’ as we wash our hands to ward off the COVID-19 virus, you might like to know that you can sing it to the Dark Web, which turns 20 this month. To mark the occasion digital risk management company Groupsense hasn’t baked a cake but it has produced an infographic of the Dark Web’s timeline.”

Phys .org: Why drug sellers see the internet as a lucrative safe haven

Phys .org: Why drug sellers see the internet as a lucrative safe haven. “More than six years after the demise of Silk Road, the world’s first major drug cryptomarket, the dark web is still home to a thriving trade in illicit drugs. These markets host hundreds, or in some cases thousands, of people who sell drugs, commonly referred to as ‘vendors.’ The dark web offers vital anonymity for vendors and buyers, who use cryptocurrencies such as Bitcoin to process transactions.”

Dark Web Search Engine Kilos: Tipping the Scales in Favor of Cybercrime (Digital Shadows)

Digital Shadows: Dark Web Search Engine Kilos: Tipping the Scales in Favor of Cybercrime. “In November 2019, a dark web search engine called ‘Kilos’ emerged from the depths of the cybercriminal underground, ostensibly to play the role of new heavyweight champion of search engines for cybercriminal marketplaces, forums, and illicit products. And with this title, Kilos recognized the need to stand out from the crowd and ensure its entrance onto the scene was not one to be forgotten.”

Wawa data breach: Hacker is selling 30 million credit cards on the dark web (Digital Trends)

Digital Trends: Wawa data breach: Hacker is selling 30 million credit cards on the dark web. “Credit card data from a security breach that affected an East Coast convenience store chain last year was discovered being sold in the corners of the dark web this week. The amount of data stolen makes it the third-largest credit card breach in history.”

Dark web child abuse: Hundreds arrested across 38 countries (BBC)

BBC: Dark web child abuse: Hundreds arrested across 38 countries. “More than 300 people have been arrested following the take-down of one of the world’s ‘largest dark web child porn marketplaces’, investigators said. The site had more than 200,000 videos which had collectively been downloaded more than a million times.”

Krebs on Security: “BriansClub” Hack Rescues 26M Stolen Cards

Krebs on Security: “BriansClub” Hack Rescues 26M Stolen Cards. “‘BriansClub,’ one of the largest underground stores for buying stolen credit card data, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone.”