Major Data Leaks from Honda Vietnam, US Airports, and Chinese Huawei/iPhone Users

Malware News
1

Major Data Leaks from Honda Vietnam, US Airports, and Chinese Huawei/iPhone Users

The SOCRadar Dark Web Team recently discovered a leaked database containing sensitive customer information from Honda Vietnam.

Amidst the sale posts of several other important companies’ data, the team has also found a new insider information service and malware service, posing threats to corporate and email security.

Additionally, data pertaining to Chinese citizens’ Huawei and iPhone users, acquired from major carriers, is being marketed.

Receive a Free Dark Web Report for Your Organization:

Type your domain to get your free dark web report
Free Report

Database of Honda Vietnam is Leaked

Database of Honda Vietnam is Leaked

The SOCRadar Dark Web Team has detected a post in a hacker forum where a threat actor claims to have leaked a database from Honda Vietnam. The alleged leak includes sensitive customer information such as ID numbers, phone numbers, vehicle types, and purchase details.

Unauthorized Network Access Sale is Detected for a French Construction Company

Unauthorized Network Access Sale is Detected for a French Construction Company

The SOCRadar Dark Web Team has detected a post in a hacker forum announcing the sale of unauthorized network access that allegedly belongs to a construction company operating in France. The threat actor’s post specifies the access type as AnyDesk with Domain Administrator privileges, noting that the network is unprotected by antivirus software.

The data involved allegedly exceeds 2TB and pertains to a company engaged in both commercial and residential construction, with reported revenues of €21.2 million. The starting bid for the access is set at $700, with incremental steps of $200, culminating in a Blitz (instant buy) price of $1,000.

Data of Airports in the United States are on Sale

Data of Airports in the United States are on Sale

SOCRadar has detected a post in a hacker forum where a threat actor claims to be selling data related to U.S. airports. The airports in question are described as critical for both domestic and international travel. According to the claim, the data spans approximately 1,168,237,264 records in a file that is 28 GB uncompressed and 3 GB compressed.

The breach, which allegedly occurred in April 2024, includes a CSV file containing sensitive details such as corporate names, ZIP codes, names of owners, health hazards, mailing states, and addresses. The price for the data is $2,000.

New Insider Information Service is Detected

New Insider Information Service is Detected

The SOCRadar Dark Web Team has uncovered details of a new insider information service through a post on a hacker forum. The threat actor involved has developed a software to analyze and distribute sensitive data from an unspecified company, referred to as “Company A” for confidentiality.

The compromised data includes a range of critical business documents such as quarterly reports, lists of suppliers and buyers, future business forecasts (guidance), and details on mergers and acquisitions. Additional data points include product cost calculations, interactions with individuals on sanctions lists, security and risk management reports, technological secrets, dividend information, and extensive details on corporate governance and employee policies.

The threat actor further claims to extract significant financial metrics from quarterly reports, offering insights into revenues, operating and financial profits, various cost and profit margins, and cash flow details. This comprehensive suite of insider information poses a substantial risk to the business operations and integrity of “Company A,” highlighting severe vulnerabilities in corporate data security and the need for stringent protective measures.

New Malware Service is Detected

New Malware Service is Detected

The SOCRadar Dark Web Team has identified a new malware service being advertised on a hacker forum. According to the threat actor, this service provides PDF landing pages designed to bypass email security filters and ensure delivery to mailboxes, even with repeated sends. The service includes features to evade browser alerts and is priced at $250 for 100 PDFs or $1,000 for a monthly subscription with daily updates. This offering highlights an advancement in the methods used by cybercriminals to distribute malware.

Huawei and iPhone Data of Chinese Citizens are on Sale

Huawei and iPhone Data of Chinese Citizens are on Sale

The SOCRadar Dark Web Team has identified a hacker forum post offering for sale the data of Chinese Huawei and iPhone users. Allegedly sourced from China Telecom, China Mobile, and China Unicom, the data includes mobile numbers, names, and other personal details of 62,581,234 iPhone users and 13,788,213 Huawei users. The data is priced at $6,200 for iPhone users and $1,300 for Huawei users, with transactions proposed in cryptocurrencies via escrow.

Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by the targeted country or industry.

Article Link: Major Data Leaks from Honda Vietnam, US Airports, and Chinese Huawei/iPhone Users - SOCRadar® Cyber Intelligence Inc.