Dark Web Digest – March 2024 Edition

Dark Web Digest - March 2024

This month also brought up a lot of happenings in the dark web, the hidden part of the internet that is often used for illegal and malicious activities. From ransomware attacks and cybercrime crackdowns to AI phishing and zero-day exploits, the dark web in 2024 has seen the emergence of new types of cyber threats and criminal activities. 

Let’s discuss some of the most notable and alarming events that took place in the dark web in February 2024, and what they mean for the security and privacy of users and organizations.

34 million Roblox credentials have been leaked on the dark web

There have been a lot more cybercriminals working between 2021 and 2023, as 34 million Roblox accounts were found on the dark web. There were 4.7 million hacked accounts in 2021, but there were 15.5 million in 2023, which is a 231% increase. 

The number of hacked accounts on 11 game platforms, such as Twitch, Electronic Arts, Sony PlayStation, and Steam, has increased by 112% since 2021, according to the Kaspersky Digital Footprint Intelligence report. Cybercriminals often use sneaky tricks, like putting info stealers in cheat code files or posting harmful download links on popular sites like YouTube to take advantage of students’ trusting nature.

Criminals are often more interested in Steam accounts because they can be used to steal real money. Roblox accounts are still being used to get in-game gold and other valuable items, though. Platform owners can make their sites safer by using special services to find and quickly block accounts that have been hacked. 

Using different passwords for each service, using two-factor authentication whenever possible, and using reliable security solutions are just a few of the security steps that people and businesses can take to lower the risks of password leaks.

The FBI and its partners take down the dark website of the world’s most active ransomware gang

The FBI and its partners around the world have taken down a dark web site that LockBit, the most prolific ransomware gang in the world, used to demand money from its victims. LockBit has been a threat to businesses all over the world, including US healthcare companies. 

The NCA and FBI have made software that hackers may be able to use to unlock the computers of “hundreds” of people around the world. The 

NCA statement suggested that LockBit had been hacked for a long time, which let police get the hackers’ “source code.” 

Taking over a ransomware group’s dark website pushes cybercriminals to build new computer systems to use to demand money from victims, and it can also mean that police have more access to the hackers’ networks. 

LockBit is thought to have members or illegal partners in China, Russia, and Eastern Europe. Hackers have put information about LockBit victims online, which shows that it makes up a quarter of the ransomware market. Private and public agents all over the world will be watching what LockBit does next. Ransomware gangs, which are often based in Eastern Europe and Russia, have been fighting the FBI and its partners around the world for a long time. This operation is the latest step in that fight.

A dark web drug dealer is sentenced to 10 years

Gabriel Alva, a 32-year-old cybercriminal from Los Angeles, was given a $1.3 million cryptocurrency term after being found guilty of planning to use the dark web to sell heroin, cocaine, and methamphetamine. 

Under the fake names Diablow, RaiseAppeals, and RaisedByDiablow, Alva and his partners sold drugs illegally on the Silk Road, Dream, and Nightmare boards. 

They took cryptocurrency as payment and sold drugs like crystal meth, heroin, cocaine, and more. In 2019, federal officials raided Alva’s home and found 24 kg of methamphetamine, 2 kg of heroin, and 2 kg of cocaine. This was the end of Alva’s drug life. The feds also took six guns, including a Remington shotgun, a Smith & Wesson assault rifle, and an AR-15 assault rifle that had not been made into a special weapon.

Thousands of stolen anydesk login credentials for sale on the dark web

Cybersecurity experts have found several threat actors selling hacked AnyDesk accounts on a site in the Russian language on the dark web. The recent security breach and the sale of AnyDesk login credentials are not related. 

The recent security breach was caused by infostealing malware infecting PCs to steal private information. A threat actor going by the name “Jobaaaaa” has been seen selling Bitcoin or Monero (XMR) worth $15,000 from 18,317 hacked AnyDesk accounts

The trades were made possible by escrow services. However, Alon Gal of Hudson Rock has disagreed with Resecurity’s results and said that the threat actor is selling more than 30,000 AnyDesk accounts. The hacked AnyDesk accounts are being sold on Exploitin, a Russian-language website for cybercrime and hackers. 

If your account works, terrible things could happen, like losing money, having your data or identity stolen, having your image hurt, having your business interrupted, or even being hit by ransomware.

FBI effort to target illegal dark web crimes, a man was arrested in Malta

A 27-year-old Maltese man was arrested on suspicion of working with others to sell malware on the dark web and giving advice on the Hack Forum. A type of malware called a remote access Trojan (RAT) lets hackers get into victims’ computers or servers without permission. 

This lets them manage them from afar and maybe even take advantage of them. The Maltese Police’s Cybercrime Unit was in charge of local investigations after the US asked for help. The suspect was caught at work in Gudja, and searches in several places turned up important evidence that is being used in the case. 

He agreed to be sent back to the US, where he will be charged in a federal court. Until further court hearings, he is being held in custody at the Corradino Correctional Facility. 

Law enforcement agencies from several countries, including Nigeria, worked together with Europol to go after the sale of illegal software on the dark web at the same time. A Nigerian partner who lived in Nigeria was also caught as part of the probe.

An Indian guy was arrested for selling 4500 GB of private data on the dark web

The hacker Amit Chand, who is 21 years old and from Rajasthan, was caught illegally viewing and selling private data on the dark web that belonged to the governments, military, and people of India, the US, China, and Ukraine. 

Chand also kept over 5 lakh people’s Aadhaar cards, PAN cards, and other payment information. Also found were files that belonged to the Islamic States and the Taliban. 

The house of Chand in Srikaranpur’s 49F village was searched by the Intelligence Bureau (IB) and district cops. They found 4,500 GB of data on several devices. 

Chand has been working on the dark web since 2018, but people have started to doubt him after he became more aggressive in the last two to three months. During the raid, authorities found more than 90 million US records as well as a lot of records from the Islamic State and the Taliban. The cops and IB are questioning Chand.

Sussex man sentenced to jail for running child abuse site worldwide

Martin Yates, a guy from Eastbourne, went to jail for his part in running The Annex, a global blog about child abuse on the dark web. About 90,000 people around the world were members of the site, which shared sexual abuse videos of babies and children. 

Between January and September 2020, Yates was the site’s assistant editor. He made sure rules were followed, gave advice on how to keep the site safe, and trained other people. He admitted that he planned or helped with the sexual abuse of children, made and distributed four obscene pictures of children, and had one otherwise illegal picture of a child. 

The National Crime Agency (NCA) and the Federal Bureau of Investigation (FBI) went after the admins of the site. 

Also sent to prison for 16 and 6 years were Nathan Bake, 28, and Kabir Garg, 34. William Spearman, who is 58 years old, was given a life sentence in jail in the US in January. In the US, 14 more men have been charged for their part in trying to run the site.

Man jailed for 16 years for tempering child abuse site

A car mechanic named Nathan Bake, who is 28 years old, was given a 16-year prison sentence at Chester Crown Court after admitting to 12 crimes linked to creating and moderating dark websites where child abuse content was shared. 

A man from Alabama ran the site The Annex, which had almost 90,000 users from all over the world. Bake was in charge of moderating it. Adult content like “hurtcore” and violent content involving babies and children were shared on the site. 

Branch commander of the National Crime Agency (NCA) Adam Priestley said that the spot was safe for everything. Prosecutor Anna Pope said that users would start by going to a “gateway” on the site using the Tor browser. 

They would then have to “gain the trust” of the people running the site before they could be sent to other places. 

Bake worked his way up in the online group for child molesters and was made second-in-command when the head moderator was arrested in May 2022. After Bake was arrested in November 2022, more than 3.6 million sexy pictures were found in his home.

Norton introduces tool for real-time tracking

There is good news above all trends, even though there are dangers. Dark Web Monitoring is a new tool that Norton has launched for Indian users. With this add-on to its security solution, users can see in real-time if online stores have their personally identifiable information (PII). 

This gives people the chance to fix the problem, like calling the bank or changing their passwords, to avoid scams. Norton says that, unlike digital companies like Google, its tool does everything. 

The Aadhaar numbers, ID numbers, and phone numbers of 815 million Indians were found on the dark web in 2023. As well as gamer tags, the tool can keep an eye on up to five insurance account numbers, email addresses, phone numbers, and up to ten credit card numbers. 

Norton tells people to be careful about giving out personal information online and to log out of temporary email accounts when they’re done using them.

I'm Chester Li, a cybersecurity and cryptography specialist based in Beijing, China with over a decade of experience. I focus on securing digital infrastructures and protecting sensitive information worldwide.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top