ALL MENU

Technology
S2W's Technology
AI
Big Data
Security
Products
SAIP
QUAXAR
XARVIS
EYEZ
Services
AI Data Consulting
Penetration Testing
Incident Response
Request for Intelligence
Resources
Event
Webinar
SIS
Conference
About S2W
About S2W
History
News

QUICK LINKS

Resources
  • Newsletter
  • News Highlights
Weekly Darkweb: April 2026, Week 4
2026.04.29

☑️ Weekly Darkweb – April Week 4, 2026



🔍 Israel INSS 15TB Classified Data Reportedly Offered for Sale on Dark Web


• On April 20, a post was identified offering 15TB of classified data from Israel’s Institute for National Security Studies for sale for $800 on the dark web hacking forum ‘DarkForums.’


✓ Institute for National Security Studies (INSS): Israel’s leading security and strategic think tank conducting research on national security strategy.


• A forum user ‘SumudCyberCommand’ claimed access to over 9 million files, including WhatsApp chats of Israeli politicians, internal emails, Iran–Russia military and joint weapons development materials, Iranian sanctions evasion records, and Chinese visa information, as well as chats of a former Israeli Justice and Interior Minister.


• The seller also provided a sample data download link and stated that cyberattacks would continue until Palestine is liberated.



🔍 Japan Convenience Store Giant ‘S’ Internal Data Leaked on Dark Web


• On April 18, Japan convenience store giant ‘S’ was listed on the ShinyHunters ransomware gang’s dark web leak site.


✓ ‘S’ operates over 80,000 stores worldwide and reported Japan sales of about 5 trillion yen last year.


• The threat actor claimed it stole about 600,000 Salesforce records containing customer personal data from ‘S’ and demanded $250,000 in ransom.


• On April 22nd, the threat actor released the stolen data, claiming negotiations with the victim company had failed.


→ The ShinyHunters group has claimed since February that it has stolen Salesforce data from U.S. railroad company ‘A’ and financial company ‘M’ and posted it on its leak site.



🔍 Middle East’s Largest Aluminum Company ‘A’ Targeted by INC Ransomware


• On April 17, Saudi Arabia-based aluminum giant ‘A’ was identified on the INC ransomware gang’s data leak site.


✓ ‘A’ holds about 40% of the Middle East and North Africa market and ranks among Saudi Arabia’s top 100 companies with over $400 million in annual revenue.


• The INC ransomware gang released 787GB of confidential data, including aluminum production data (sheets, assembly, specifications, manuals, and drawings), contracts, financial records, customer data, and HR information.


• Large-scale data leaks at global manufacturing companies could impact trade secrets, supply chain trust, regulatory compliance, and result in significant financial liability.



👉 Subscribe to <Weekly Darkweb> and get the latest newsletter every week.
Subscribe on LinkedIn
This newsletter is based on news derived from big data collected from over 400 million encrypted pages and channels, including those on the dark web and Telegram.

☎️ Contact us: https://s2w.inc/en/contact

*The full report is available upon request and for XARVIS subscribers.


Attachments
[S2W] Weekly Darkweb_20260426_EN.pdf
Threat Intelligence Reports
Threat Group Profile: Silver Fox
2026.04.27
Previous
News Highlights
Weekly Darkweb: April 2026, Week 5
2026.05.06
Next
List