Security researchers have discovered a new Darknet marketplace. Data packages from various companies and price ranges and even free data are offered on Industrial Spy.
Anyone who finds a file with the title README.txt in all folders on their computer these days, which refers to a site called Industrial Spy, should check their computer for malware infection. Security researchers from MalwareHunterTeam have found executable malware that creates these README.txt files. Further investigations by Bleeping Computer revealed that it is distributed using other malware downloaders, most of which disguise themselves as adware or cracks. So it stands to reason that computers hosting the README files are also threatened by other malware, and that Industrial Spy's masterminds have teamed up with other criminals to promote their website.
Advertisement for marketplace Industrial Spy on the dark web
If you run the README file, you will see that it is an advertisement for a new marketplace on the dark web called Industrial Spy, complete with a detailed, albeit spelled and grammatical errors, service description and a link to the TOR page of the marketplace.
The backers promise that one can find there both free and paid private and compromising data of its competitors. "We publish plans, drawings, technologies, political and military secrets, accounting reports and customer databases," the message reads. The data had been captured from the largest companies, conglomerates and corporations worldwide. The criminals penetrated their systems via weak points in the IT infrastructure.
Data prices from free to 1,4 million
Of course, marketplaces for stolen data are nothing new on the dark web, but instead of blackmailing companies with the stolen information, Industrial Spy's backers market their offering to companies that use it to hack confidential information - trade secrets, manufacturing diagrams, accounting records or customer databases - from to reach competitors. Prices for the data for sale range from free to millions. Apparently, the data of an Indian company in the premium category is currently being offered for 1,4 million US dollars, payable in Bitcoin.
Cheap files for 2 dollars - a fake?
But Industrial Spy also has a wealth of options for those on a smaller budget. For example, prospects can purchase a large portion of the listing as individual files for as little as $XNUMX each. Presumably as a bait offer, there is also an extensive free database from which you can select data packages.
Many of the companies whose data appears on Industrial Spy are known to have been victims of ransomware attacks in the past. It is therefore assumed that the operators of the shop downloaded at least part of their offer from the ransomware blackmailers' leak pages. However, since they likely have colluded with other criminal groups for distribution, the same could apply to their “stock”.
About 8com The 8com Cyber Defense Center effectively protects the digital infrastructures of 8coms customers from cyber attacks. It includes security information and event management (SIEM), vulnerability management and professional penetration tests. It also offers the setup and integration of an Information Security Management System (ISMS) including certification according to current standards. Awareness measures, security training and incident response management round off the offer.