2024 has ended, and it is evident that the dark web is the most significant danger threatening the digital world. 2025 awaits, with action needed on security measures and lessons to learn from our mistakes. In this month’s digest, we see dark web attacks reaching dangerous levels, including sophisticated ransomware attacks and an explosion of malicious tools like crypto drainers. Even at the end of the year, the dark web is still with us as it evolves, and new tactics and technologies are being developed to counter cybersecurity efforts worldwide.
Michael Schumacher’s former assistant charged over £12 million threat to post private images on the dark web
The family of Michael Schumacher was the alleged target of a $12 million blackmail scheme. The plan, attributed to a former associate of the F1 maestro, included threats to publish highly personal pictures on the dark web. Markus Fritsche employed the man as a bodyguard for the family, and he worked for the family for 18 months, even before Schumacher’s accident.
Internet trolls often argue over who got it right, but the truth might be understood after extended access to a family is gained via friendship. After the family had Fritsche… where Fritsche became annoyed that he created it, he made a nice scheme to get his revenge on days when someone discovered his missing USB device instead of simply giving it back.
German prosecutors accuse Fritsche of enlisting Yilmaz Tozturkan, a long-time friend, and Tozturkan’s son, an IT specialist, as his accomplices in this criminal activity. The material allegedly involved included some 1,500 pictures, 200 recordings, and a series of documents on Michael Schumacher’s illness.
Russia seizes a large amount of drugs and sentences the Hydra dark web kingpin to life in prison
A Russian court announced a life sentence for the leader of the widespread criminal group Hydra. The group is known for selling drugs online, and 15 of the leader’s aides were arrested. They were engaged in the production and trafficking of psychotropic substances and medicines. The Moscow Regional Court delivered a guilty verdict following the decision of a jury. Hydra was established in 2015 as a drugs market and was taken down by international police action in 2022, when its servers were seized.
An information-sharing system was established at the regional level. Information on the gang’s illegal drug trafficking was passed to the Russian state and acted on through raids in both Russia and Belarus, which led to a significant seizure of almost a ton of narcotic substances, along with cars, homes, and other assets belonging to the gang. The site carried out transactions of about one billion rubles ($9,300,000) annually. Dmitry Olegovich Pavlov, who was indicted as Hydra’s IT administrator, is already in custody after his arrest in 2022.
Hundreds of UK Ministry of Defence passwords leaked on the dark web
In the last four years, more than 600 military email logins belonging to Ministry of Defence (MOD) employees have been discovered in dark web data breaches, and in some cases used; the exposure reached the sections providing HR, email, collaboration, education, and training services. The thefts were repeated, with 124 stolen logins discovered during the past year. Those affected are people in places like Iraq, Qatar, Cyprus, Europe, and the UK. It is hard to say whether the stolen login data was ever used, although a perpetrator could have obtained access to other private information by doing so. The portal uses multi-factor authentication (MFA), an additional security layer that all public government websites are now mandated to have.
Would Russian intelligence services logically benefit? They would have been incompetent to allow the credentials to be distributed on a dark website, where they would ultimately be discovered. The devices involved were either personal or issued by the military. In either scenario, a higher risk of disclosure exists. Graham Cluley, the cybersecurity expert quoted in the article, says that although 2FA stands as an obstacle, that does not mean it is impossible to break into the system. Still, anybody who attempts it must get around the 2FA code or, for instance, obtain a 2FA code from a user along with the user’s name and password.
At least 20% of cybercrimes involve attackers using the dark web
Lisianthus, the cyber security agency, has recently released a report pointing out that a minimum of 20% of cybercrimes in India involve attackers using the dark web. The dark web is difficult to pin down because it is a platform accessed via special tools and is hard to trace. The study was conducted over two months and relied on crime data from state police, the National Crime Records Bureau, and other relevant portals. The report also mentioned that some hackers had exploited it to launch ransomware attacks on AIIMS in Delhi last year.
Indeed, the dark web has witnessed a twofold rise in the past decade. According to a recent warning from a cybersecurity expert, web users should never give in to any software ad asking them to grant permission to see their phone book and use other applications. Cybersecurity specialists at Cyber Tech, located in Gurugram, carry out cybersecurity audits and security assessments for businesses.
Man goes to jail after police dark web drugs raid
Mr. Andrew’s rival, who is 34 years old and resides in Fe Atherstone, Staffordshire, has been arrested for offenses of selling harmful substances and involvement in illegal money transfers. After a thorough examination, local police identified various classes of illicit drugs, including class B and class C drugs such as amphetamines, barbiturates, and anabolic steroids, worth approximately that equates to a kilogram of Class A drugs valued at over £10,000. Moreover, border control officers at Heathrow Airport were quick to identify this criminal network and managed to apprehend the culprit, who had a drug parcel.
RI data leaked on the dark web by hackers
The health and benefits portal RIBridges in Rhode Island has been attacked by unidentified cybercriminals who have stolen an unknown amount of private information. The state’s contractor, Deloitte, is communicating with the hackers, but Gov. Dan McKee has stated that no social welfare member should suffer any financial loss because of the data breach. Rhode Island will charge Deloitte for any additional costs incurred due to the hack, and it recommended that those whose data might be at risk take security measures, such as freezing their credit and using multi-factor authentication. The goal is to have RIBridges back up and running by the middle of January, stated Brian Tardiff, the state’s top digital officer. He also cautioned residents of Rhode Island that other cybercriminals are always ready to exploit such events to conduct targeted attacks such as phishing. A phishing attack occurs when the attacker tricks the victim into providing sensitive information (e.g., credit card numbers and bank account passwords) using realistic-looking emails, websites, or fake text messages.
Boxphish snaps up a dark web platform in a deal
Located in Leeds, Boxphish, a company known for managing human risk, has taken over Trillion, a high-tech threat intelligence service that tracks discussions on the dark web about credentials. Clients use Trillion’s technology to learn about leaked credentials related to their business, which helps them take the necessary measures to reduce risk. With this acquisition, security technology company Boxphish has extended its range of products, which includes phishing simulations, data analytics, and cyber security training courses. When Boxphish was founded in 2020 by serial entrepreneurs Henry Doyle and Dan Bailey, they never would have dreamed that it would grow this quickly; it now has a customer list and even an in-house training course library for sectors of different sizes.
BGF had put in £3.25m in April, which is an encouraging indication. By looking at all account credentials transmitted across dark markets and criminal forums, Trillion can quickly detect risk and notify users so that they can take the appropriate measures. Crossword, the company that had taken over Trillion, was glad to have found in Boxphish a new owner for its technology and clients. Some customers, like Leeds United FC and New College Worcester, already buy services from both companies, and now the deal brings long-term customer security.
Russian Supreme Court Punished Hydra Dark Web Kingpin
The Hydra leader, Stanislav Moiseev, was sentenced to life in prison and fined four million roubles (about $37,500) by a Russian court. The group communicated over the internet in encrypted form and also used covert drop-offs to deliver factory-scale quantities of drugs. Police officers were able to apprehend those participating in its operations thanks to a successful raid. They also confiscated a considerable amount of drugs, lab equipment, and vehicles adapted for smuggling. On 6th April 2022, US and German authorities took down Hydra’s German-based servers and seized its virtual currency. Produced by Meta, the platform had been the longest-running dark web marketplace and was estimated at $1.3 billion, according to a report at the time of its closing.
After Hydra, dark web proceeds fell to $1.5 billion, far less than the nearly $3.1 billion counted in 2021. Former users and retailers are left with new platforms, among which OMG!, Blacksprut and Mega Darknet Market have the upper hand. OMG saw its initial rise after Hydra’s downfall but received no additional users after a cyber-attack in June 2022. The court also ordered the group’s vehicles, properties, and land to be taken over for the state’s benefit. The sentences are to be served in strict-regime penal colonies, and appeals could be made.