BTC $67153.1824
ETH $3518.8510
BNB $593.1423
SOL $173.6872
XRP $0.5942
DOGE $0.1343
TON $7.2606
ADA $0.4375
wstETH $4130.6503
TRX $0.1348
AVAX $29.1102
WBTC $67151.9777
WETH $3564.0428
DOT $6.3333
LINK $14.2614
BCH $395.7035
UNI $8.0161
LTC $73.0376
DAI $1.0021
MATIC $0.5415
PEPE $0.0000
ICP $10.3297
KAS $0.1811
BSC-USD $0.9979
NEAR $6.2869
FET $1.4598
CAKE $2.0600
ETC $23.9273
APT $7.3661
IMX $1.6421
XMR $163.1140
MNT $0.8986
STX $1.9118
RNDR $7.0054
FIL $4.7122
INJ $27.6326
HBAR $0.0747
ENS $26.4902
WIF $2.6389
MKR $2812.0726
OKB $42.9636
VET $0.0305
TAO $337.2354
ONDO $1.0919
AR $33.5407
ATOM $6.5235
SUI $0.8500
BTC $67153.1824
ETH $3518.8510
BNB $593.1423
SOL $173.6872
XRP $0.5942
DOGE $0.1343
TON $7.2606
ADA $0.4375
wstETH $4130.6503
TRX $0.1348
AVAX $29.1102
WBTC $67151.9777
WETH $3564.0428
DOT $6.3333
LINK $14.2614
BCH $395.7035
UNI $8.0161
LTC $73.0376
DAI $1.0021
MATIC $0.5415
PEPE $0.0000
ICP $10.3297
KAS $0.1811
BSC-USD $0.9979
NEAR $6.2869
FET $1.4598
CAKE $2.0600
ETC $23.9273
APT $7.3661
IMX $1.6421
XMR $163.1140
MNT $0.8986
STX $1.9118
RNDR $7.0054
FIL $4.7122
INJ $27.6326
HBAR $0.0747
ENS $26.4902
WIF $2.6389
MKR $2812.0726
OKB $42.9636
VET $0.0305
TAO $337.2354
ONDO $1.0919
AR $33.5407
ATOM $6.5235
SUI $0.8500
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Credentials are the most delectable treat for cybercriminals

    Who gets paid to steal our passwords and logins?

    Cybercriminals now value user information, like usernames and passwords that let them into different services, very highly. A study from 2023 from Verizon says that 83% of leaks are caused by outsiders. Also, hackers get into company systems and networks 49% of the time by using stolen passwords.

    One of the best tools is phishing, which is a type of social engineering. People are usually tricked by fake emails that look like they are from well-known companies or government agencies and ask them to sign up or log in to a website that looks like it is real. Here, the person gives the scammers his information himself, so there is no need for any other fraud.

    Many security steps have already been made to stop phishing. Because of this, thieves are always getting better and coming up with even smarter schemes.

    Sending a phishing email first, then a call or voice message from a bank or other group is a new method. To get the victim to believe them, this is done. Attacks are also made more specific by using smartphone apps and artificial intelligence (AI) technologies.

    People who are better at phishing sell their tools and tried-and-true methods on the black market. It's known as "phishing-as-a-service" (PaaS).

    One well-known tool is the W3LL panel from the same-named group. It even has its own black market called the W3LL Store. The tool is made to break into Microsoft 365 business email. One of the most advanced forms of phishing that is growing on the dark web, it lets you get around multi-factor authentication.

    Researchers say that this tool was used to break into at least 8,000 of the 56,000 Microsoft 365 accounts between October 2022 and July 2023.

    The W3LL developers are selling more useful things besides the mailbox hacking tool, such as:

    • Email address lists that have been hacked
    • Information on how to get into hacked email accounts
    • Get to info for VPN connections that have been hacked
    • Hackers can get into websites and online services
    • Templates and tools that are already made to organize phishing emails
    • Greatness is a related tool that is also used to get around multi-factor authentication (MFA) and is aimed at Microsoft 365 users.

    An employee is tricked into logging in to a fake Microsoft 365 account by a scam email. For extra safety, the email address is already filled in on the form. Greatness connects to the service and gets around MFA by asking the target to enter the code on a fake page after they enter their password. Hackers can then use this code to get into the real account because it is sent to a secret Telegram channel. To install and set up the Greatness suite, you need an API key.

    On the dark web in 2022, more than 24 billion accounts that had been hacked were for sale. It costs anywhere from a few dollars for a simple account to thousands of dollars to get entry to bank accounts.

    To buy data, you need to be able to get into certain underground sites. This sometimes needs a request from a member who is already there. The information that was gathered is used to commit scams, steal money, and do other illegal things.

    Reusing identities, which means people who use the same usernames and passwords on different sites, is a very big risk. Attackers can get into the company network even if the systems are very well protected. All it takes is for an employee account to be hacked on another site.

    There are numbers that show that more than 80% of people log into different systems with the same login. This is what hackers use to their advantage.

    Companies are told to use special tools to block known passwords that have been stolen to lower their risks.

    One example is the Specops Password Policy service, which lets you keep more than 4 billion passwords out of the Active Directory database. If that kind of password is tried to be set, the system will tell the worker to make a new, safer one.

    So, you can make both business and personal accounts much safer by using an integrated method and modern technologies. This means making it harder for people to commit cybercrime and keeping the company from losing money.

    Author reign3d
    Understanding Backdoors: Their Role and Impact in Digital Security
    Use of Stolen Personal Data: Risks and Realities

    Comments 0

    Add comment