ALL MENU

Technology
S2W's Technology
AI
Big Data
Security
Products
SAIP
QUAXAR
XARVIS
EYEZ
Services
AI Data Consulting
Penetration Testing
Incident Response
Request for Intelligence
Resources
Event
Webinar
SIS
Conference
About S2W
About S2W
History
News

QUICK LINKS

Resources
  • Newsletter
  • News Highlights
Weekly Darkweb: March 2026, Week 2
2026.03.18

☑️ Weekly Darkweb – March Week 2, 2026



🔍 DDoS Attacks on Israeli Defense, Financial Firms Detected on Telegram


• On the 10th and 11th, messages claiming DDoS attacks against Israeli defense and financial firms were posted on the Telegram channels 'BD Anonymous' and 'Conquerors Electronic Army'.


→ [Israeli Defense Company R] On the 10th, the Telegram channel 'BD Anonymous' posted a message claiming a DDoS attack against Israeli state-owned defense company R.


→ [Israeli Defense Company E] On the 10th, 'BD Anonymous' posted a message claiming a DDoS attack along with the domain address of the electronic warfare equipment development division of Israeli defense company E. The company is Israel's largest defense contractor, reporting about $6.8 billion in revenue in 2024.


→ [Central Bank of Israel] On the 11th, the Telegram channel 'Conquerors Electronic Army' claimed a DDoS attack on the Central Bank of Israel, posting an Arabic message calling for a "strong blow" to Israel's financial economy and payment applications.



🔍 Major South Korean Elevator Manufacturer H Targeted By Everest Ransomware


• On the 10th, major South Korean elevator manufacturer H was found listed on the leak site of the Everest ransomware gang.


• The threat actors claimed to have stolen more than 1.1TB of data from company H, stating that if competitors obtain the data, they could replicate product designs, identify supply chains to gain pricing advantages, and accelerate global certification.


✓ Compromised Data: Product engineering data including design and assembly drawings (2010-2016), detailed specifications for elevator materials, KC/CE/EN certification portfolios, global expansion strategies, HR data, and financial data.


• As proof of the attack, the ransomware gang posted images showing a KC certification review email thread, directories of certification and design files, design drawings, CCTV footage, and safety certificates.



🔍 Taiwanese Security Firm C Targeted by New Shisa Leaks Ransomware gang


• On the 10th, Taiwanese security solutions Firm C was listed on the leak site of the Shisa Leaks ransomware gang.


✓ C is a Taiwan-based solutions provider with official partnerships with global IT security companies, including endpoint security giant K and data security firm F.


• As proof of the attack, the ransomware gang uploaded images showing an internal network scan and shared folders, a 55GB list of server and system assets, and a 67GB drive file directory.


→ The Shisa Leaks ransomware gang first emerged in February 2026 and has posted 14 companies on its leak site within a month.



👉 Subscribe to <Weekly Darkweb> and get the latest newsletter every week.
Subscribe on LinkedIn
This newsletter is based on news derived from big data collected from over 400 million encrypted pages and channels, including those on the dark web and Telegram.

☎️ Contact us: https://s2w.inc/en/contact

*The full report is available upon request and for XARVIS subscribers.


Attachments
[S2W] Weekly Darkweb_20260315_EN.pdf
Threat Intelligence Reports
2025 H2 Ransomware Trends Report
2026.03.11
Previous
Threat Intelligence Reports
AI-Powered Threats Case Study #05: OpenClaw
2026.03.18
Next
List