The vibes in the cybercrime community right now?
Tense. Awkward. Like someone turned on the big lights at the end of a rave.
Just a couple of years ago, underground forums were basically digital speakeasies, a cosy little criminal Starbucks where everyone knew your alias, nobody asked questions, and “OPSEC” was something you pretended to have. But now? The mood has shifted. The walls feel closer. The sheriffs are definitely in town.
In last week’s Insight, we joked about how the latest BreachForums clone probably had the shelf life of a ripe avocado. Well. Turns out the avocado is already brown.
The forum didn’t get seized, oh no, that would be too straightforward. It’s been… listed for sale. Like a slightly haunted Airbnb. Meanwhile, other forums are getting yeeted off domain providers faster than you can say DMCA who?
Constant migrations, domain hopping, “We moved again guys, update your bookmarks”… At this point, threat actors need a loyalty punch card: 10 domain suspensions = 1 free onion mirror.
And in the middle of this, Shiny Hunters recently announced: “The era of forums is over.”
Which is either:
1. Deep philosophical cyberpunk foreshadowing
2. Or someone got really emotional after their domain registrar sent them a mean email
Meanwhile, in Baltimore...
The U.S. Secret Service has been busy doing the cyber equivalent of spring cleaning. They pulled 22 card skimmers out of POS terminals across the city after inspecting 3,000+ of them.
Which is both:
- Productive
- And a sign that criminals are once again relying on the “classic hits” like vinyl, but for fraud.
Honestly, someone out there is running a skimmer operation like it’s still 2011 and the dubstep is about to drop.
And Then There’s the Aisuru Botnet, Feeling Very Proud of Itself
Aisuru briefly overtook almost every site on the internet to rank among Cloudflare’s most globally accessed domains, second only to Google for a bit.
Yes. A botnet. Almost beat Google.
Somewhere, a threat actor is pouring champagne into a gaming chair cupholder saying, “Mama, I made it.”
Aisuru was behind a 20 terabits-per-second DDoS attack this month. Which is… well… that’s not “someone’s mad their Minecraft server is down.” That’s “we want the internet to have a panic attack.”
The botnet is built mostly from infected consumer routers and CCTV DVR/NVR units, because apparently people will lock their front doors but leave their camera systems online with admin / admin.
They publicly claim they won’t attack governments or intelligence agencies. Which, realistically, usually means: they are the government or intelligence agencies. At least part-time. With dental.
Either way, they are absolutely thrilled to be trending. Finally, a dark web group that doesn’t have to pretend they're humble.
In Summary
- Cybercrime forums are now playing musical chairs with domain registrars
- Shiny Hunters has declared the forum era “over” (again, possibly mid-tantrum)
- The Secret Service is doing cardio in Baltimore
- And a botnet just became more popular than Netflix for a day
Honestly, if the internet had a sitcom, this would be the episode where everyone needs a group therapist.
Smarter Protection Starts with Awareness
Data Breach Scan, Check Any Domain for Free https://breachaware.com/scan
This month’s cyber spotlight, vulnerability chat & privacy headlines.
Bitcoin Queen Falls, Discord Breached, and the Air Force Fumbles Data.
https://breachaware.com/research/bitcoin-queen-falls-discord-breached-and-the-air-force-fumbles-data
A total of 15 breach events were found and analysed resulting in 7,314,425 exposed accounts containing a total of 40 different data types of personal datum. The breaches found publicly and freely available included Duna TV, ULP 0033, Stealer Log 0542, Tries Digital Indonesia and Crypto Emails 500k.
Discord Bribery Scandal, BreachForums Seized (Again) & Korea’s Cloud Meltdown.
https://breachaware.com/research/discord-bribery-scandal-breachforums-seized-again-and-koreas-cloud-meltdown
A total of 27 breach events were found and analysed resulting in 10,915,864 exposed accounts containing a total of 36 different data types of personal datum. The breaches found publicly and freely available included ULP Alien TxT File - Episode 25, Cherry Digital, FOAT, Stealer Log 0543 and Stealer Log 0544.
Europol Cracks SIMCARTEL, Monopoly Market Collapses & Shiny Hunters Implode.
https://breachaware.com/research/europol-cracks-simcartel-monopoly-market-collapses-and-shiny-hunters-implode
A total of 28 breach events were found and analysed resulting in 7,895,154 exposed accounts containing a total of 36 different data types of personal datum. The breaches found publicly and freely available included ULP Alien TxT File - Episode 26, Detsky Mir Group, VC Telecoms, ULP 0034 and Ambab Infotech.
Smart Beds Crash, Linux Under Siege & BreachForums Rises Again.
https://breachaware.com/research/smart-beds-crash-linux-under-siege-and-breachforums-rises-again
A total of 20 breach events were found and analysed resulting in 5,484,019 exposed accounts containing a total of 36 different data types of personal datum. The breaches found publicly and freely available included VX Case, crypto.com, Stealer Log 0545, 1.5 Million Israeli Settlers and Absolut Info Systems.