DDW Weekly Highlights in December W4

Resources

2025.01.02

☑️ S2W DDW Weekly Highlights in December W4

🔍 Access to World’s Largest Islamic Banking System in Saudi Arabia for Sale on Dark Web

• On December 21, a post was identified on the Russian Dark Web hacking forum ‘XSS,’ offering access to the system of Al Rajhi Bank, the world’s largest Islamic bank headquartered in Saudi Arabia.

• The seller ‘DARK_ALPHA’ claimed that the access allows control over the bank’s critical infrastructure and loan processing system, as well as viewing personal information and transaction details of over 15 million customers, accessing internal emails, and checking corporate client balances.

• The seller has previously posted content related to Saudi Arabian banks.

✓ Based on S2W's user profiling tool 'Dark Spider,' ‘DARK_ALPHA,’ under the alias ‘Alpha-ransom2,’ sold data related to ‘Saudi British Bank’ on ‘BreachForums’ last September.

🔍 Over 100 Million Global UBER/UBER Eats Users’ Personal Data Massively Breached

• On December 24, the leaked databases of the global mobility platform 'UBER' and the delivery platform 'UBER Eats' were identified on the Dark Web forum 'BreachForums.'

• The threat actor ‘Willfox213’ reportedly offered a 167GB database for sale, claiming it includes information on 37 million 'UBER' users and 88 million 'UBER Eats' users across the globe.

• ‘Willfox213’ attached a sample of the data, which, upon S2W review, was found to include sensitive information such as users’ names, email addresses, registration dates, contact numbers, and countries.

🔍 Customer Metadata from Major Singapore Telecom Listed for Sale on Dark Web

• On December 21, ‘DARK_ALPHA,’ active on Russia’s Dark Web forum ‘XSS,’ uploaded a post offering internal data from SIMBA for sale. SIMBA is one of Singapore’s four largest telecom providers.

• The threat actor claimed that the data includes customer metadata such as corporate clients' call details, IP addresses, incoming/outgoing phone numbers, and billing information.

• The hacker added a specific URL in the sales post, allowing potential buyers to review a sample of the data.

If you want to read more, follow the newsletter as below and visit S2W Inc. website to contact us.

✅ https://s2w.inc/en/contact

* The full report is available upon request and for XARVIS subscribers.

Attachments

[S2W] Darkpedia_Newsletter (20241229)_EN.pdf

Threat Intelligence Reports

Ransomware Group Profiling: Underground

2024.12.27

News Highlights

Weekly Darkweb in January W1

2025.01.08

List

File download request

This is a consent popup for collecting personal information in order to send you an attachment of S2W's Resource. Please enter the following items and submit, and the attachment will be sent to the email you provided. All information you provide will be subject to S2W's privacy policy.

Name *

Email *

Contact number *

Company / Institute name *

How did you find us?*

Agree to all

[Required] Terms of Service View all

[Required] Collection and Use of Personal Information View all

[Optional] Collection and Use of Information for Marketing Purposes

Collected items: Required : Name, Country, Company/Institute Name,Job Title, Email, Contact Number
Purpose of use: For online/offline marketing and advertising purpose Name, Job Title, Email, Contact Number; Delivery of product brochures, newsletters, event information, etc.
Retention period: Until consent for marketing use is withdrawn.