Dark Web Posts Advertise Access to British Firms & Data from Brazil, France, and CETDIGIT
SOCRadar’s Dark Web Team has uncovered multiple new threats this week, including unauthorized access sales targeting British firms, leaked insurance data from Brazil, stolen French credit card records, and a large-scale database breach allegedly involving U.S.-based CRM provider CETDIGIT.
Alleged Unauthorized Access Sales Are Detected for Many British Companies
SOCRadar has detected a new post advertising alleged unauthorized access to several companies operating in the United Kingdom. The threat actor claims to have compromised 40 to 50 corporate clients, including dental clinics, with access to approximately 100 online servers. Each company is reportedly linked to two or three servers. The post states that the access includes remote command execution, file management, and screen sharing.
Alleged Insurance Data of Brazilian Citizens Are on Sale
SOCRadar has detected a post on a dark web forum offering alleged insurance data belonging to 10 million Brazilian citizens. The dataset allegedly includes full names, phone numbers, addresses, and detailed insurance-related information. The actor claims the data can be used for scams targeting policyholders, fraudulent claims, or spam campaigns directed at high-net-worth individuals in Latin America.
Alleged 1,050 Credit Cards Belonging to French Citizens Are on Sale
SOCRadar has detected a new listing advertising the sale of 1,050 credit card records allegedly belonging to French citizens. According to the post, the data was obtained through spam activity targeting the Ameli healthcare portal, with a claimed validity rate of around 90 percent. Each record includes credit card number, CVV, expiration date, full name, date of birth, address, phone number, and email. The threat actor offers communication via private messages and provides escrow if the buyer covers the fees. Bidding starts at $3,000, with a step of $500 and a blitz (buy-it-now) price of $10,000.
Alleged Database of CETDIGIT Is Leaked
SOCRadar has detected a post on a dark web forum where a threat actor claims to have breached CETDIGIT, a U.S.-based digital consulting firm specializing in CRM implementation on Salesforce and HubSpot. The actor claims to have leaked a database containing 19 million user records. According to the post, the dataset includes full names, email addresses, phone numbers, home addresses, job titles, company details, personal metadata, and additional undisclosed information. SOCRadar is actively investigating the authenticity and potential impact of the leak.
Powered by DarkMirror™
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring every source is simply not feasible: it is time-consuming and challenging, and a single mistaken click can result in a malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen lets your SOC team follow the latest posts of threat actors and groups, filtered by targeted country or industry.
Article Link: https://socradar.io/access-british-firms-data-from-brazil-france-cetdigit/