Dark Web Digest – August 2023: Unveiling the Cyber Shadows

Deep Web Digest - August 2023

The dark web is a part of the internet no one knows about. It’s often used for hacking, drug trafficking, and cybercrime. Each month, innovations and events affect the dark web and its users.

This article summarizes some of the most relevant and interesting dark web stories from July 2023. We’ve seen password logs sold for millions of dollars, DarkBERT GPT-Based Malware, hackers publishing Swiss hooligan data, you name it.

This news should be on your radar if you haven’t heard it yet. It shows how the dark web threatens privacy, security, and well-being, as well as society at large. As well, they talk about how to protect yourself from the dark web’s dangers and raise awareness.

We will provide you with additional details, insights, and sources for each news article. This will enable you to take appropriate safety measures and remain engaged in the future.

  • Over 19 Million Password Logs Sold on the Dark Web and Telegram

A recent discovery has shocked the cybersecurity community as over 19 million password logs were found up for sale on the dark web. This alarming development has raised serious concerns among hackers, security experts, and students alike.

According to MyPowerCloud, the massive password log sale was exposed on both the dark web. This highlights the growing sophistication of cybercriminals in their illicit activities. The dark web continues to be a hotbed for illegal trade. This incident serves as a stark reminder of the ever-present threats lurking in the digital underworld.

dark web and telegram

Compromised passwords come from various sources, including well-known data breaches and hacking incidents, putting countless users at risk. For hackers, this new trove of passwords presents a golden opportunity to exploit unsuspecting victims and wreak havoc on their personal and professional lives.

  • Over 400,000 Businesses Credentials Stolen by Info-Stealing Malware

Over 400,000 credentials were stolen, yes you heard right! It is terrifying to see what is happening on the dark web. Well, the dark web experienced a massive data breach as information-stealing malware infiltrated business environments, targeting valuable data in web browsers, email clients, and more. Some experts pointed out that prominent malware families, such as Redline, Raccoon, Titan, Aurora, and Vidar, are available to cybercriminals via a subscription-based model.

These malware campaigns not only affect careless internet users but also pose a significant risk to corporate environments. Approximately 375,000 logs containing access to critical business applications like Salesforce, Hubspot, Quickbooks, AWS, GCP, Okta, and DocuSign were discovered.

Moreover, over 48,000 logs provided access to “okta.com,” an identity management service widely used by organizations. 

The analysis found more than 200,000 stealer logs containing OpenAI credentials, putting proprietary information and source code at risk.

  • 8 Year Old Boy Orders an AK-47 from the Dark Web

In a shocking turn of events, Dutch expert Barbara Gemen discovered that her 8-year-old son had unknowingly entered the dark web’s perilous world and bought an AK-47. Initially innocent, the young boy’s fascination with computers led to dangerous hacking escapades. 

He started with harmless online orders but soon engaged in illegal money transactions with criminals using code phrases to conceal his activities. 

The situation escalated when he purchased and received a deadly AK-47 gun from Poland to Bulgaria, without raising suspicions. Despite alerting law enforcement, no action was taken, leaving Barbara to take matters into her own hands. She became a Cyber Special for the Dutch police, advocating for online safety for her son and others.

This incident underscores the need for parental awareness and education to safeguard children from the dangerous allure of the dark web. This is especially true as easy access to technology exposes them to cybercrime temptations.

  • DarkBERT GPT-Based Malware Trains Up on the Entire Dark Web

You’ve got a safety tool that turns into a threat! You’re right, it is. 

DarkBART is a dark version of Google’s BART AI. DarkBERT, created by South Korean firm S2W, aims to combat cybercrime but has unfortunately fallen into the wrong hands. It’s rumored that CanadianKingpin12 trained DarkBERT using an extensive corpus of text from the Dark Web. This empowered it to conduct more sophisticated cyberattacks.

darkbert

It is even more alarming that DarkBERT will have access to the entire Dark Web as its knowledge base. This will allow threat actors to tap into the collective intelligence of hackers underground. With Google Lens integration, these chatbots can now handle text accompanied by images, making their capabilities even more formidable.

  • Brazil Tops South America in Dark Web Card Theft

Brazil has become a hotspot for dark web card theft, ranking fifth globally and first in South America. Nord VPN cybersecurity study revealed that over 144,000 Brazilian payment cards have been stolen and traded online. In addition, approximately 92,000 cards are currently available for illegal purchase. These stolen cards are sold for $8.84 each, generating an estimated $18.5 million for cybercriminals.

Even more troubling, two out of three stolen credit cards on the dark web contain additional private information, such as phone numbers, addresses, and Social Security numbers, greatly increasing the risk of identity theft for victims.

The study also showed that the United States has the highest number of credit card fraud cases globally. This accounts for more than half of the 6 million stolen card records analyzed. American credit cards sell for a lower price on the dark web, around $6 per unit. Danish cards are the most valuable, averaging R$12.

In the South American landscape, Brazil reported the highest number of stolen payment cards, followed by Chile with 30,000 stolen cards. The highest risk of credit card theft occurs in countries such as Malta, Australia, and New Zealand, while Brazil ranks 38th. Conversely, Russia is the least risky, and China ranks third from the bottom. This study sheds light on the alarming scale of cybercrime and the need for heightened cybersecurity measures worldwide.

  • OpenAI Credentials Available on the Dark Web

The most concerning news is, security researchers have recently discovered a security weakness on the dark web. The OpenAI credentials of over 200,000 compromised users were found available for purchase on the dark web. This incident has raised alarms in the tech community and among cybersecurity experts.

chatgpt data leak

The compromised data includes sensitive information such as login credentials, access keys, and even source code and business plans. Hackers and cybercriminals are now equipped with powerful tools to exploit vulnerabilities and gain unauthorized access to OpenAI systems.

For hackers and security experts, this development serves as a stark reminder of the ever-present risks in the digital landscape. It underscores the importance of staying vigilant and continuously improving security measures.

  • Swiss Hooligans Data Leaked on the Dark Web by Hackers

In the aftermath of a ransomware attack on IT provider Xplain, sensitive data has surfaced on the dark web. This includes an extract from the HOOGAN information system dating back to 2015. The leaked data contains details of 766 individuals listed in the HOOGAN database, a register of known hooligans. However, crucial information about their offenses and actions is missing.

Fedpol, the Federal Office of Police, acted swiftly to inform the affected individuals and is actively investigating the transmission and storage methods used during the attack. The breach also exposed sensitive government data belonging to the federal police, army, and the Federal Office for Customs and Border Security. Consequently, the Office of the Attorney General and the Federal Data Protection Commissioner have initiated separate investigations.

Fedpol aims to reassure the public that HOOGAN’s database remains secure and operational despite the breach. As per the latest data, the HOOGAN database listed 1,017 hooligans as of June 2023. Of these, 332 individuals face ongoing measures such as exclusion orders, stadium bans, and reporting obligations. The data relating to police measures will be retained for three years following their conclusion.

  • A dark web AI tool called “FraudGPT” facilitates cybercrime

A new AI tool following in the footsteps of ChaosGPT and WormGPT. This tool is now making its presence felt on the dark web and Telegram, catering to cybercriminal activities and raising serious concerns.

FraudGPT is being sold on Dark Web Forums and Telegram for prices ranging from $200 to $1700 per year.

The Chat GPT Fraud Bot offers unrestricted exclusive tools and features for users. FraudGPT has limitless potential, and the promoter claims that users can use it to perform any desired tasks. So far, FraudGPT has been confirmed to have sold over 3000 copies.

FraudGPT is a colossal risk because it can make believable fake websites and write harmful code. Taking advantage of this all-in-one solution, scammers can appear more believable, so they can cause greater damage on a larger scale. 

In addition to WormGPT, another AI cybercrime tool has been discovered on Dark Web forums. As a blackhat alternative to GPT models that is specifically tailored for malicious activities such as phishing and business email compromise, WormGPT is marketed as a tool for phishing and business email compromise.

  • Dark web investigation leads to charges against Perth man

A 49-year-old man from Marangaroo, Western Australia, is facing serious charges related to online child abuse. The WA JACET charged him on July 3, 2023, for his dark web activities, which were reported by the ACCCE.

The police found 17 videos of child abuse on his computer in June. The man allegedly visited multiple dark websites to access such content and used various tactics to avoid detection.

Detective Hinscliff condemned viewing child abuse material and warned online offenders that law enforcement would pursue them relentlessly, even if they use the dark web or anonymizing technologies.

The charges brought against the man include possessing and accessing child abuse material, both of which are violations of the Criminal Code 1995 (Cth). If convicted, he could face up to 15 years in prison.

The partners of the Australian Federal Police and the police themselves are determined to fight against child abuse and exploitation. The ACCCE’s role is to make the digital world safer by tackling online child sexual exploitation.

  • Man Jailed for Importing Explosives After Dark Web Plot

Finally, in dark web august digest, we got a shocking case that has come to light involving a 36-year-old Żebbug resident, Jomic Calleja Maatouk, who was sentenced to five years in prison for his involvement in a dark web plot to illegally import explosives from the United States. 

The court deemed Calleja a “lethal weapon,” capable of inflicting “chaos and destruction.”

Jomic Calleja Maatouk’s dark web plot involved seeking lethal poisons, but when unsuccessful, he turned to explosives. Foreign security services alerted investigators about his attempts to get deadly chemicals. The poisons seemed to target a specific person, and he aimed to buy “five doses” but was advised to start with one. Investigators also found an order for C-4 explosives. Maltese investigators executed a controlled delivery operation to stop the threat. Facing many charges, Calleja pleaded not guilty, but the court considered his criminal record. Magistrate Donatella Frendo Dimech emphasized the need to protect society, resulting in a five-year prison sentence for rehabilitation and public safety.

The court ordered the forfeiture of €51,000 in bail bonds, revoked Calleja’s bail, and issued an immediate re-arrest. Additionally, he was required to cover €2,827.08 in court expert expenses.

This case serves as a stark reminder of the potential threats lurking on the dark web and the importance of vigilant law enforcement efforts to protect the public from harm.

I'm Chester Li, a cybersecurity and cryptography specialist based in Beijing, China with over a decade of experience. I focus on securing digital infrastructures and protecting sensitive information worldwide.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top