Showing posts with label clearweb. Show all posts

Tuesday, October 10, 2017

Tor Network Shrinking

On 5 October 2017, Wapack Analysts observed several prominent Tor-based hacker forums go permanently offline at the same time. Although the clearweb address was offline, one of the forum's Tor onion sites was still online, suggesting a potential infiltration of the server, as seen with past law enforcement activities. The forums went offline without any announcement or reason given for the disappearance. Several Reddit users have recirculated the onion sites and are now speculating about what happened. A recent Gizmodo blog post explains that the Tor network is statistically shrinking. Gizmodo, using the OnionScan tool, scanned a list of over 30,000 onion domains and reported only 4,400 online. Wapack Analysts have not observed any new Tor-based hacking forums for more than a week, possibly suggesting a move away from Tor and on to different channels of communication...

Wapack Labs has cataloged and reported Tor network activity and trends in the past. An archive of related reporting can be found in the Red Sky Alliance portal.

WWW.WAPACKLABS.COM

Thursday, May 25, 2017

Free Online Payment System Credentials: Contact Señor

Wapack Labs analysts exposed a threat to the financial sector: an actor who is actively posting in several clearweb and underground forums. Within these forums, the actor creates threads of free, downloadable log-in credentials for an online payment system. Analysts assess that the actor is likely brute-forcing the accounts to obtain the passwords. A brute-force attack is a trial-and-error method used by application programs to decode encrypted data such as passwords; it is highly effective if the account uses simple passwords. The language, emails, and passwords indicate that the actor is a Spanish or Portuguese speaker, likely operating in South America...

Wapack Labs has cataloged and reported extensively on Spanish-speaking threat actors in the past. An archive of related reporting can be found in the Red Sky Alliance portal.


Friday, April 7, 2017

The Carder Wears Prada: Reselling Stolen Credit Cards

Wapack Labs is researching an international carder who is advertising the sale of thousands of stolen credit/debit cards worldwide. This carder advertises on several clearweb and deepweb forums, asserting a validity rate of 80-100%, and confirms that invalid cards will be refunded. A buyer can create an account to shop inside the carder's database, which contains the stolen credit/debit cards. Full encryption is provided with each card dump, which includes all pertinent banking credentials. This carder uses bitcoin (BTC) for payment transactions.

Wapack Labs has reported extensively on carders in the past. An archive of related reporting can be found in the Red Sky Alliance Portal.