Slilpp Users Scammed Following Darknet Market Takedown
The US Department of Justice has taken down Slilpp, following an international collaboration between different law enforcement agencies. Slilpp emerged in 2012 and was one of the largest marketplaces for stolen credentials. According to specialized media, the FBI seized the website and placed a warning on the website. Although it has only recently been publicized […]
Cancel Culture Reaches the Criminal Underground
In our ransomware report from late 2020, we explained how some ransomware groups were offering their services to others. Ransomware-as-a-Service (RaaS) has become popular and generated much discussion on the criminal underground. It represents an easy and accessible way for malicious actors to earn a few dollars. In our report, we mentioned that ransomware groups […]
0-Day No Longer Best Kept Secrets On The Internet
A 0-day is a software vulnerability that is unknown to its software maker. 0-days are perhaps the most valuable type of exploits out there simply because they can be used with an incredibly high chance of success, and often for an extended period of time. With no knowledge of a flaw, a software maker is […]
Malicious Actors Show Increased Interest in Information Theft
The evolution of malicious actors over the last four decades has shown that greed is greatly responsible for most of the cybersecurity incidents we keep witnessing. While in the 1980s virus authors sought to experiment, and erase data, the same breed of malicious actors now seek, in many cases, mostly one thing: information. Credential Stealing […]
Major Hack Jeopardizes Future of Dark Web Marketplaces
Over the past week, an unknown malicious actor launched perhaps the biggest phishing attack against dark web marketplaces. This attack created havoc among their participants, and further questioned the very business model of dark web marketplaces. What happened, why is it significant, and what does this mean for the near future? The Hacking of Dark […]
Private forums increase transmission of knowledge by malicious actors
Malicious actors use online discussion forums to facilitate the exchange of knowledge, often out of the public’s eye. In this blog, we study the transmission of knowledge that takes place on public and private forums. This leads us to question how the participant selection mechanisms of forums influence the transmission of knowledge. This transmission is […]
Business of Sending Spam
While malicious actors have developed countless attack methods, spam remains to this day a significant threat vector for companies. The most recent statistics on spam are indicative of the danger that spam poses: 95% of all attacks targeting enterprise networks are caused by successful spear phishing. A single spear phishing attack results in an average […]
All Is Fair In Darknet Wars
For anyone trying to collect data on the darknet, the last three years have been an incredible challenge. The dark net used to be a collection of simple marketplaces that could be easily indexed and crawled, though sometimes slowly because of the size of some of the markets. Alpha Bay, for example, had an estimated […]
How online learning may have opened the door for ransomware in higher ed
PYSA ransomware, a variant of Mespinoza ransomware, has been actively targeting the education sector in the past months. According to the FBI, ransomware, malware and DDoS attacks have compromised a number of critical sectors, yet educational institutions in the US and the UK seem to be the preferred target for now. Has online learning triggered […]
F.B.I. Reveals 70% Year-Over-Year Increase in Reported Cybercrime
The F.B.I. has just published its latest report on cybercrime complaints it received in 2020. The picture drawn should raise concerns for most CISOs, and unfortunately raises even more questions than providing answers. The main take-away from the report is that 791,790 cybercrime complaints were made in 2020. Those complaints were responsible for over US$4.2 […]
