Search This Blog

Powered by Blogger.

Blog Archive

Labels

Dark Web Paying Corporate staffs to Leak secrets

This is not the first time when 'Dark Web' is in news for their notorious deeds, this time they are in news for paying corporate workers to leak information most importantly stock prices (earnings reports etc).

 After this people are constantly asking about the ‘Dark Web’ which is famously known as ‘Dark Net’, a name which existed way before Tor did.

The research revealed that 'Dark Web' is paying staff to leak corporate secrets.

The Hackers from US-based risk management outfit RedOwl and Israeli threat intelligence firm IntSights worked together to access the private darknet property Kick Ass Marketplace and found out evidence of staff selling internal corporate secrets to hackers. While in some cases, staff even help hackers to infect their company networks with malware.

To access the insider information one just has to pay a subscription of up to one bitcoin a month.
The site is run by “h3x”,  who claimed to be a “self-taught cryptographer, economist, investor, and entrepreneurial businessman”.

h3x said that "Kick-Ass Marketplace boasts seven administrators, including three hackers and two trading analysts who observe financial markets and vet the integrity of stolen data before posting it to the site."

Three hackers studied another dark website, they dubbed The Stock Insiders, they recruited retail staff as mules to help cash out stolen credit cards for reliably-resellable goods like Apple iPhones.

The report released by them includes: "Posts where fraudsters seek help from strikers, people willing to walk into stores with stolen credit cards pretending to be legitimate account holders who approach cooperating sales clerks to buy goods."

The trio said insider recruitment is “active and growing” with chatter across public and private forums about the subject doubling from 2015 to 2016.

“The dark web has created a market for employees to easily monetise insider access,” the researchers say.

“The dark web serves as a vehicle insiders use to cash out on their services through insider trading and payment for stolen credit cards.

“Sophisticated threat actors use the dark web to find and engage insiders to help place malware behind an organisation’s perimeter security [and] as a result, any insider with access to the internal network, regardless of technical capability or seniority, presents a risk.”

Insider theft can be disastrous for some organisations. In Australia, theft of sensitive corporate information including designs and customer records can be considered a civil rather than criminal matter, leading to very lengthy and expensive lawsuits."
Share it: