1.2 Billion Dollars In Sales Of Illegal Items In 2 Years: The Dark Web Data
50,000 extremist organizations, 1.2 billion dollars in sales of illegal items in 2 years: the dark web data
A cryptocurrency data report released by Chainalysis shows that the crime rate of cryptocurrency in the darknet market has risen rapidly and set a new revenue record in 2020. In 2020, the ecosystem traded cryptocurrencies (mostly Bitcoin) at $1.7 billion.
However, in 2021, this record was broken again, and the number of cryptocurrency transactions surged to around $2.1 billion. According to the report, approximately $300 million of these transactions were generated by fraudulent shops, organizations that broker the sale of various stolen logins, credit cards, and exploit kits.
According to the report, the market serving Russian-speaking countries (Hydra) is by far the most important marketplace for cryptocurrency exchanges, accounting for around 80% of global darknet market revenue.
New GoTrim Botnet Attempts to Hack Admin Accounts of WordPress Sites
A new Go-based botnet has been spotted scanning and brute-forcing self-hosted websites using the WordPress content management system (CMS) to seize control of targeted systems.
This new brute force program we named GoTrim because it is written in Go and uses ‘:::trim:::’ to split the data communicated with the C2 server.
Since September 2022, it has been found to use a network of bots to perform distributed brute force attacks and attempt to log in to targeted web servers. After a successful intrusion, the attackers install a downloader PHP script on newly infected hosts, which is designed to deploy a “bot client” from a hardcoded URL, effectively adding the machine to the growing network.
LockBit Hackers Steal California Department of Treasury Data
The California Governor’s Office of Emergency Services confirmed that the Treasury Department had been affected by the cyber incident, but did not provide many details.
“The intrusion was proactively identified through coordination with state and federal security partners. Upon identification of this threat, digital security and online threat-hunting experts were rapidly deployed to assess the extent of the intrusion and to evaluate, contain and mitigate future vulnerabilities” — California’s Office of Emergency Services
It’s unclear how much damage the hackers did or how they breached the department. However, the state of California said state funding was not affected by the attack.
After announcing its open source plan, Google launched the largest open source vulnerability database
On December 13, Google announced the open source OSV-Scanner, which can access vulnerability information of various projects and strengthen the security of the software supply chain.
Google software engineer Rex Pan introduced to the media that the tool is written in Go language and supported by the open source vulnerability (OSV) database, which can generate reliable and high-quality vulnerability information, filling the gap between the developer’s package list and the vulnerability database information. Whitespace.
The scanner works by using data extracted from the OSV.dev database to identify all lateral dependencies of a project and highlight associated vulnerabilities.
The OSV.dev database has 38,000 contributors and supports 16 ecosystems, including all major languages, Linux distributions (Debian and Alpine), Android, Linux kernel, and OSS-Fuzz. The number of security alerts is more than 1.5 a year ago, with Linux (27.4%), Debian (23.2%), PyPI (9.5%), Alpine (7.9%) and npm (7.1%) occupying the top five alerts.
Indian foreign ministry leaks passport details of foreigners
The Cybernews research team reported on December 12 that the Global Pravasi Rishta Portal, a platform dedicated to outreach to Indians abroad by the Ministry of Foreign Affairs of India, leaked sensitive data, including users’ personal names and passport details.
Initially, the Cybernews research team was alerted that the Global Pravasi Rishta Portal was exfiltrating sensitive user data, after verification it was found that the platform was exposing names, countries of residence and email addresses of individuals in clear text, as well as professional status, telephone and passport number. The breach could be due to poor security measures, such as lack of effective authentication.
Afterwards, the Cybernews team has contacted the Ministry of Foreign Affairs to inform them of the leak, but has not received a reply. After a few days, the security issue was resolved.
