Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Hacker Forum. Show all posts
Naval Group
Data Breach Data Leak France Hacker Forum Naval Group

French Defense Shipbuilder Naval Group Probes 1TB Data Breach

 

France’s state-owned defense firm Naval Group is investigating a major cyberattack after 1TB of allegedly sensitive data was leaked on a well-known hacking forum. The company, which designs and builds naval vessels, described the incident as an attempt at destabilization and a reputational attack, not a confirmed breach. Naval Group quickly involved cybersecurity specialists and French authorities, launching a thorough investigation to verify the authenticity and origin of the leaked data. 

The threat actor, going by the alias ‘Neferpitou’, initially posted a 13 GB data sample as proof and issued a 72-hour ultimatum to Naval Group for negotiations before publishing the full dataset. The leaked material reportedly contains classified information such as combat management systems for military vessels, technical documentation, and internal communications. Naval Group, however, asserts it has not detected any IT systems intrusion and operations remain unaffected. 

Naval Group is France’s leading naval defense supplier, majority-owned by the state with a global footprint that includes exports to Australia, India, Brazil, and Egypt. The company is responsible for constructing and maintaining some of France’s most sensitive assets, including submarines and aircraft carriers. The breach, if genuine, could have significant implications for national security and international defense partnerships. 

The data appeared on DarkForums, which has reportedly surged in popularity since the collapse of BreachForums, now acting as a central hub for cybercriminal activity. The incident has also sparked speculation that the leaked data might be recycled, possibly linked to a previous breach involving Thales, another key French defense player, in 2022. 

Despite the hacker’s claims and the potentially catastrophic exposure of confidential systems, Naval Group maintains that current evidence points more toward a reputational attack rather than proof of direct compromise. Investigations are ongoing, with the company committed to collaborating with authorities to resolve outstanding questions around the legitimacy and impact of the data leak.
Read more »
malware
Credential Theft Data Leak Hacker Forum Infostealer malware

Infostealer Malware Exposes Over 100K Accounts From Hacking Forums

 

Security experts identified over 140,000 compromised passwords linked to accounts on hacker forums after their owners were infected with data-stealing malware.

Hudson Rock searched its cybercrime intelligence database for infected computers with credentials connected with the top 100 cybercrime sites. It discovered 120,000 identical computers, claiming that many of them belonged to hackers.

When a machine is infected with information-stealing malware, a "substantial" amount of data, including emails and account usernames, auto-fill data containing personal information such as addresses and phone numbers, and system information such as IP addresses, can be retrieved, security firm explained.

“Info-stealer infections as a cybercrime trend surged by an incredible 6000% since 2018, positioning them as the primary initial attack vector used by threat actors to infiltrate organisations and execute cyber-attacks, including ransomware, data breaches, account overtakes, and corporate espionage,” the company added.

Redline, Raccoon, and Azorult accounted for the majority of the info-stealer malware that was discovered throughout the research. The analysis found that the majority of those exposed were from Tunisia, then Malaysia, Belgium, the Netherlands, and Israel.

The cybercrime forum "Nulled.to," which was followed by "Cracked.io" and "Hackforums.net," had the most users who had been exposed to malware. 

It's interesting that the research team discovered that a large portion of the credentials used on hacking sites were more robust than those employed on government and military websites. 

“By analyzing passwords of users from the various forums, Hudson Rock determined that the forum with the strongest user passwords is Breached.to, while the one with the weakest user passwords is the Russian site Rf-cheats.ru,” the vendor concluded. 

The cybercrime underground frequently sees a high number of usernames and passwords in circulation. SpyCloud detected billions more pieces of personal information (PII) and almost 1.5 billion compromised log-in combinations online in 2021.

SpyCloud discovered that 60% of credentials for users who had multiple passwords exposed were shared across accounts, and that number rose to 87% for US.gov emails, leaving them vulnerable to brute force attacks and credential stuffing. 

Prevention tips 

Having strong, dependable antivirus software installed on your device and keeping it updated on a regular basis is the best preventative measure you can take.

You should also use antivirus software that has dark web monitoring technologies so that you'll be immediately informed if your information is compromised. You can either do this by changing your login details or by warning your friends and family to be on the lookout for scammers impersonating as you.
Read more »
Russian Hackers
Hacker Forum malware Ransomware Russia Russian Hackers

The famous Russian-language hacker forum has banned the mention of ransomware

XSS is a well-known forum where users discuss all kinds of vulnerabilities, exploits, malware, and ways to penetrate other people's networks. Ransomware was also actively discussed there, moreover, among the forum participants there are representatives of Ransomware groups who actively recruited new partners to work on the "Ransomware-as-a-Service" (RaaS) model.

The decision to ban the discussion of Ransomware was made personally by the forum administrator.

The administrator stated that Ransomware is usually not interesting from a technical point of view, while the main purpose of the forum is "knowledge".

"We are a technical forum, we learn, research, share knowledge, write interesting articles. The goal of Ransomware is only to earn money. The goals are not the same," the forum administrator wrote.

He noted that there is a degradation: newcomers see "crazy virtual millions" that are paid from time to time as a ransom for unlocking data, and think that they will be able to get them. Therefore, beginners "do not want anything, do not learn anything, do not code anything, even just do not think, their whole life is reduced to "encrypt - get $”.

The administrator of XSS Forum also said that there is too much PR around the topic, as well as "nonsense, hype, noise" and even politics. The topic of Politics is obviously related to the Ransomware attack on the Colonial Pipeline, which led to a large-scale crisis in the United States.

"The word "ransom" was equated with a number of unpleasant phenomena — geopolitics, extortion, state hacking. This word has become dangerous and toxic," the forum administrator said.

So he decided to ban everything related to Ransomware. Even old forum threads related to this topic will be deleted.

According to Alexey Vodiasov, technical director of SEC Consult Services said that Ransomware is really a way to make quick money with very little effort. It is possible that after the attack on the Colonial Pipeline, US law enforcement agencies may launch an intensive campaign against the cyber underground.

Read more »
Subscribe to: Posts (Atom)