Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Dark Web Security. Show all posts

Dark Web Grows Stronger. And So Does the Value of Monitoring


The Growing Threat of the Dark Web 

The Dark Web is rapidly growing along with the variety of cybercrime, and so is the value in monitoring it. The cybercrime ecosystem now not only includes private communications platforms like I2P and Tor but also reaches across clear websites and Telegram channels.

One of the most significant threats on the Dark Web is stealer logs with corporate access. These logs are likely one of the most significant vectors for data breaches. Infostealer variants such as Raccoon, Vidar, Titan, and Aurora infect computers, then exfiltrate the browser fingerprint containing all the saved passwords in the browser. Threat actors then sell the results on the Dark Web.

The Value of Monitoring 

To detect malicious actors distributing stealer logs across the Dark Web and Telegram, companies can monitor for any logs that contain an internal corporate domain access, such as sso.companyname.com.

Another threat on the Dark Web is Initial Access Brokers (IABs). IABs are active across Dark Web forums, such as XSS and Exploit.in. They establish initial access to companies, which they resell in auction and forum threads, typically for $10,000 to $500,000 per listing, depending on the company and level of access. 

A listing usually contains information such as the number of devices and services compromised, industry of the victim company, antivirus or endpoint detection and response platform the company is using, geographic location of company, and compromised hosts or servers.

Threat actors can purchase this access

Threat actors can purchase this access and use it to deploy ransomware or steal sensitive data or financial resources. Monitoring IAB forums can provide early warning that malicious actors have compromised devices. IABs never list the exact company name but generally provide enough detail that if your organization is a victim, there is a reasonable chance you can identify it.