Darknet-Investigation by the Threat-Intelligence-Team

DETECT STOLEN DATA ON THE DARKNET

The latest analyses by our Computer Security Incident Response Team (CSIRT) are worrying: attackers are increasingly gaining access to infrastructures on the Darknet by explicitly searching for remote access solutions. A current warning – and urgent recommendation to companies.

Once the attackers have acquired the credentials, the actual attack follows: they steal data and then blackmail the affected companies. As this usually involves sensitive and critical data, companies (unfortunately) increasingly have no choice but to respond to the cyber criminals' ransom demands.

Our «Darknet-investigation special offer» for companies
We recommend you a Darknet-investigation to search for any stolen credentials offered for sale on Darknet marketplaces in connection with stealers. Our offer includes the following services:

  • Kick-off call & preparation

  • Darknet investigation and evaluation:
    • 1st option: One-off investigation for one domain/use case at a price of CHF 4,450.-
    • 2nd option: Recurrent investigation:
      • Initialization for one domain/use case at a price of CHF 7,140.-
      • Annual for one single domain/use case at a price of CHF 7.680.-
    • 3th option: Customized offer in case there is a need for multiple domains/use cases

  • If required or if the risk situation is delicate, we purchase the credentials for sale on the darknet in the amount of 100$ and analyze them.

  • Summary Report

Are you interested? Simply fill out the form and place a binding order for the desired investigation. You will hear from us again as soon as possible. We look forward to exchanging ideas with you!

 

********************************************************************************************

Example of an affected, globally active industrial company with over 1,500 employees – including the attackers' original statement:

The following case that we recently investigated and which happened in exactly the same way: The attackers stole over 18 gigabytes of data due to credentials acquired on the Darknet. They then approached the victim company with a ransom demand. As the data was extremely sensitive, the company was forced to accept the demand and pay the ransom.

InfoGuard_Darknet-Unterschung_Kunden-Beispiel_Remote-Access-Loesungen

This message illustrates the fact that the actors are explicitly looking for remote access solutions – in this case Citrix. Since the attackers are opportunistic, they changed their objective at short notice and used the credentials acquired on the Darknet to access the cloud.

The attackers went one step further in their communication:

InfoGuard_Darknet-Unterschung_Kunden-Beispiel

On the one hand, this example impressively demonstrates that the handling of company devices should be handled more professionally – and on the other, that one weak link in the chain is enough to cause (collateral) damage.

Prevention is better than aftercare. Therefore, commission InfoGuard's threat intelligence team for a professional Darknet-investigation.

ORDER A BINDING «DARKNET-INVESTIGATION»

FORM LP Angebot Darknet-Untersuchung CDC
Subscribe
Newsletter
InfoGuard
Job Alert
Job Alert

HEADQUARTER

InfoGuard AG
Lindenstrasse 10
6340 Baar
Schweiz/Switzerland
Tel. +41 41 749 19 00
info@infoguard.ch

Office Bern

InfoGuard AG
Stauffacherstrasse 141
3014 Bern
Schweiz/Switzerland
Tel. +41 31 556 19 00

Office Munich

InfoGuard Deutschland GmbH
www.infoguard.de

Office Vienna

InfoGuard GmbH
www.infoguard.at
© 2024 InfoGuard AG