Category | Details |
---|---|
Threat Actors | • Unnamed actors operating on hacker forums. • Seeking partners for crypto operations, including password cracking and deepfake manipulation for Binance. |
Campaign Overview | • Detection of multiple alarming activities on dark web forums: new Mirai botnet service, leaked eToro and Xiaomi databases, unauthorized Crypto.com access sale, and a partnership-seeking post targeting crypto-related operations. |
Target Regions | • Global: eToro investors, Xiaomi customers, and Crypto.com users. • Specific focus on Europe (Crypto.com support access). |
Methodology | • Using forums to advertise services like botnet attacks, database leaks, unauthorized access sales, and crypto-related hacking. • Leaking sensitive databases, promoting DDoS attacks, and offering insider access for sale. |
Product Targeted | • eToro: Cryptocurrency, stock, and financial investment platform. • Xiaomi: Mobile phone and electronics company. • Crypto.com: Cryptocurrency trading and payment platform. |
Malware Reference | • Mirai botnet: Distributed Denial-of-Service (DDoS) attacks. |
Tools Used | • Mirai botnet for DDoS attacks. • Deepfake technology for manipulating Binance displays. • Password cracking tools and bypass methods for 2FA and SMS verification. |
Vulnerabilities Exploited | • Leaked databases from eToro and Xiaomi, indicating inadequate security practices. • Unauthorized access to Crypto.com support system. |
TTPs | • Advertisement of services via dark web forums. • Use of obfuscated methods to bypass security measures (e.g., DDoS attack methods, password cracking, deepfake technology). • Database leaks for malicious exploitation. |
Attribution | • No direct attribution to specific groups. |
Recommendations | • Enhance internal security measures and monitor dark web activity. • Regular audits and updates for platforms like eToro, Xiaomi, and Crypto.com. • Tighten access controls and implement better encryption practices for sensitive data. |
Source | SOCRadar |
Read full article: https://socradar.io/dark-web-highlights-xiaomi-data-exposed-etoro-leak-and-crypto-com-access-sale/
The above summary has been generated by an AI language model