Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap?


Notorious data leak site BreachForums appears to be back online after it was seized by law enforcement a few weeks ago. At least one of BreachForums domains and its dark web site are live again.

However, questions have been raised over whether it is a genuine attempt to revive the forums once again or set up as a lure by law enforcement to entrap more data dealers and cybercriminals.

Read more…
Source: Malwarebytes labs


Sign up for our Newsletter


Related:

  • OPERA1ER APT in Africa

    November 3, 2022

    In 2019, Group-IB Threat Intelligence team detected a series of targeted attacks on financial organizations in Africa. Later in 2020, our professionals in collaboration with Orange, managed to piece together the seemingly disparate attacks into a single timeline and successfully attribute them to the threat actor codenamed OPERA1ER (also known as DESKTOP-GROUP, Common Raven, NXSMS). In ...

  • Stopping C2 communications in human-operated ransomware through network protection

    November 3, 2022

    Command-and-control (C2) servers are an essential part of ransomware, commodity, and nation-state attacks. They are used to control infected devices and perform malicious activities like downloading and launching payloads, controlling botnets, or commanding post-exploitation penetration frameworks to breach an organization as part of a ransomware attack. Blocking these communications can mitigate attacks, sometimes before they’re ...

  • Black Basta ransomware gang linked to the FIN7 hacking group

    November 3, 2022

    Security researchers at Sentinel Labs have uncovered evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7, also known as “Carbanak.” When analyzing tools used by the ransomware gang in attacks, the researchers found signs that a developer for FIN7 has also authored the EDR (Endpoint Detection and Response) evasion tools ...

  • Attack Surface Management 2022 Midyear Review – Part 3

    November 3, 2022

    With the rise of ransomware and other vulnerabilities, it has been an eventful year in cybersecurity. In part two, Trend Micro researchers discussed these issues at length today as well as their implications on a global scale for both businesses large (and small). In the last and final part of the series, Trend Micro researchers talk ...

  • US Treasury thwarts DDoS attack from Russian Killnet group

    November 2, 2022

    The US Treasury Department has thwarted a distributed denial of service (DDoS) attack that officials attributed to Russian hacktivist group Killnet. These are the same pro-Kremlin miscreants that claimed responsibility for knocking more than a dozen US airports’ websites offline on October 10 in similar network-traffic flooding incidents. The large-scale DDoS attack didn’t disrupt air travel ...

  • Server-side attacks, C&C in public cloud services

    November 2, 2022

    This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. The goal of the report is to inform our customers about techniques used by attackers. Kaspersky researchers hope that learning about the attacks that took place in the wild helps you to stay up to date on the modern ...