Dark Matters BLOG: Analysis

Category Is: Another Data Aggregator Breach

Category Is: Another Data Aggregator Breach

Security researchers recently discovered an unsecured database containing hundreds of millions of personal information records. In addition to the personal information — which was stored in plain text — the database also contained corporate data, including information...

Trends and Projections: Shifting Law Enforcement

Trends and Projections: Shifting Law Enforcement

In late 2018, Terbium Labs released Trends and Projections in the Dark Web Data Trade, highlighting our predictions for the coming year. Over the coming months, we will unpack those trends in a series of blog posts highlighting the events that shaped our predictions...

Collection #1: Why You Should Care but Not Panic

Collection #1: Why You Should Care but Not Panic

January is not yet over and 2019 has already brought us the second biggest collection of stolen data in history. Unlike traditional data breaches, Collection #1 is actually a massive collection of smaller credential stuffing lists containing username and password...

The Nine Lives of a Stolen Payment Card

The Nine Lives of a Stolen Payment Card

Banks today are all too familiar with the perils of payment card fraud, which has reached a 20-year high. In most cases of a fraudulent charge, the bank will absorb the cost or recoup it from the merchant, close out the impacted payment card, issue a new card, and...

The Truth About Dark Web Pricing

The Truth About Dark Web Pricing

"But how much does my data cost on the dark web?” Occasionally articles and reports appear breathlessly listing the price for a credit card or Instagram account on the dark web. These articles provide only a small snapshot of dark web activity. Asking how much data...

Should Companies Try to “Buy Back” Their Stolen Data?

Should Companies Try to “Buy Back” Their Stolen Data?

Data is always at risk. In 2018 alone, industry giants such as Macy’s, British Airways, and Panera are only a few of the many that have fallen prey to a breach. Once a data breach occurs, a mad dash to figure out what went wrong soon follows: determine where the...

Book Review: Into the Web of Profit

Book Review: Into the Web of Profit

The popular image of a cybercriminal remains a highly trained computer genius (probably wearing a ski mask, for some reason) sitting in front of a keyboard and “hacking into the mainframe.” This kind of imagery implies that these actors steal because they are “bad...

Excuse Me, Are You Using That Child Tax Credit?

Excuse Me, Are You Using That Child Tax Credit?

Even with the turmoil taking over the dark web’s major marketplaces earlier this year, fraud vendors have set up new shops just in time for tax season. While many people won’t think about filing their tax returns until March or April (or even later, if they file an...

Dark Web Instability: What Happened To All The Markets?

Dark Web Instability: What Happened To All The Markets?

The last few months have not been kind to dark web markets. After a year-long period of relative stability, two major markets went dark in July - and that’s just the beginning. In the last two weeks, almost all the remaining marketplaces have gone down - and stayed...

The Rise Of Politically Identifiable Information

The Rise Of Politically Identifiable Information

During the Super Tuesday primaries this year, while everyone was focused on the latest results, someone quietly leaked the names, home addresses, and contact information for every GOP delegate in a western state. The list was up for a day or two, and then went away,...

Inside the Dark Web: Fraud Guides

Inside the Dark Web: Fraud Guides

Dark web markets often conjure thoughts of illegal and stolen goods - like drugs, data, and weapons. But these markets also peddle criminal methods, which appear in tens of thousands of fraud guides across several dark web markets. In an effort to further combat the...

Excuse Me, Could I Borrow Your W-2?

Excuse Me, Could I Borrow Your W-2?

Tax season is here, and with it a new wave of personally identifiable information (PII) leaks. Due to the high volume of information being passed around, it is easy for some of it to end up in the wrong hands. W-2 forms often go from payroll companies, to employers,...

This Week: Rising Fraud, and Cute But Dangerous

This Week: Rising Fraud, and Cute But Dangerous

This week we saw that information security threats are still on the rise, and can appear in ways we don’t expect. New reports show that online fraud was on the rise in 2016 as retailers have continued to support EMV credit cards in their stores. A children’s toy...

This Week: Steep Discounts and Limited Loyalty

This Week: Steep Discounts and Limited Loyalty

This week, researchers at Carnegie Mellon University proved the point on loyalty, while Yahoo provided another sobering example of the far-reaching effects of a breach. And a recent arrest in Germany shows that that sometimes paying for an extra stamp can be the...

Dark Web Forums: the Underbelly’s Underbelly

Dark Web Forums: the Underbelly’s Underbelly

The dark web is known for a few things - drugs, fraud, scams, and far too many poorly designed webpages. But underneath those notorious markets and carding sites lies a community that just wants to talk - about anything and everything. Forums on the dark web tend to...

This Week: Dark Web Chats and User Error

This Week: Dark Web Chats and User Error

This week, two prominent dark web markets - AlphaBay and Hansa - found their customers’ data leaked online by an individual who previously warned the market administrators about the vulnerabilities. Meanwhile, an Australian agency accidentally leaked the personal...

This Week: Ransomware Goes Gold

This Week: Ransomware Goes Gold

A new FBI leak appeared to ring in the new year, but many believe that the “leak” contains false information. Goldeneye ransomware set a gold standard for exploited HR departments, and the squirrels are up to no good. GOLDENEYE FOR RANSOMWARE Recently, cyber criminals...

This Week: Unhappy Accidents and Avoidable Leaks

This Week: Unhappy Accidents and Avoidable Leaks

What do a typo, a hacked database, and a tweet have in common? Leaked credentials. This week we saw three major leaks that could have been avoided. While we are constantly advised to be on the lookout for malicious actors, sometimes we are our own worst enemies. YOU...