Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap?


Notorious data leak site BreachForums appears to be back online after it was seized by law enforcement a few weeks ago. At least one of BreachForums domains and its dark web site are live again.

However, questions have been raised over whether it is a genuine attempt to revive the forums once again or set up as a lure by law enforcement to entrap more data dealers and cybercriminals.

Read more…
Source: Malwarebytes labs


Sign up for our Newsletter


Related:

  • Carnival Cruise Cyber-Torpedoed by Cyberattack

    June 18, 2021

    Carnival Corp., the world’s largest cruise-ship operator, has sprung another leak: For the second time in a year, attackers have breached email accounts and accessed personal, financial and health information belonging to guests, employees and crew. Carnival has quite the armada: Its cruise brands include Carnival Cruise Line, Princess Cruises, Holland America Line, Seabourn, P&O Cruises ...

  • Kremlin spokesman lists top countries where cyber attacks originate

    June 17, 2021

    Kremlin Spokesman Dmitry Peskov has prepared a list of the top countries, where cyber attacks originate, at the request of Russian President Vladimir Putin, handing over this list to reporters. “In the first half of 2020, the leaders among all countries where all types of cyber attacks originated are: the US, Canada, Brazil, Mexico, the UK,” ...

  • Bash Ransomware DarkRadiation Targets Red Hat- and Debian-based Linux Distributions

    June 17, 2021

    A recently discovered Bash ransomware piqued our interest in multiple ways. Upon investigating, we found that the attack chain is fully implemented as a bash script, but it also seems that the scripts are still under development. Most components of this attack mainly target Red Hat and CentOS Linux distributions; however, in some scripts Debian-based Linux ...

  • Matanbuchus: Malware-as-a-Service with Demonic Intentions

    June 16, 2021

    Unit 42 researchers often spend time investigating what we call non-traditional sources. Non-traditional sources often include underground marketplaces and sites, spanning from forums on the Tor network to Telegram channels and other marketplaces. One such case that we investigated involves a threat actor called BelialDemon, who is a member of several underground forums and marketplaces. In ...

  • Ukraine arrests Clop ransomware gang members, seizes servers

    June 16, 2021

    Ukrainian law enforcement arrested cybercriminals associated with the Clop ransomware gang and shut down infrastructure used in attacks targeting victims worldwide since at least 2019. According to the Cyberpolice Department of the National Police of Ukraine the ransomware group is behind total financial damages of roughly $500 million. Read more… Source: Bleeping Computer  

  • Ransomware Poll: 80% of Victims Don’t Pay Up

    June 16, 2021

    Ransomware is on the rise, but what toll does it take on the real world? Threatpost set out to answer that question in an exclusive poll aimed at taking the pulse of organizations wrestling with attacks, including looking at mitigations and the defenses organizations have in place. When viewed against the backdrop of complementary reports from ...