Predicting Cybersecurity Threats from the Darknet

22 January 2025
| No comments
Predicting Cybersecurity Threats from the Darknet
Advertising

Share post

From sophisticated disinformation services to stolen digital identities, smart home vulnerabilities and AI-driven social engineering – these are the main topics currently being discussed in darknet forums

Every December, NordVPN experts predict cybersecurity risks for the coming year. This year, they teamed up with NordStellar Analytics, whose experts analyzed the largest darknet forums to identify the most discussed trending topics. "Although last year's predictions remain relevant, the popularity of various hacking courses and DIY cybercrime kits has noticeably increased. Mass leaks of personal media and customer data continue to circulate in these forums," says Adrianus Warmenhoven, cybersecurity expert at NordVPN. "This year, we went even further with our analysis and looked beyond the most discussed topics to identify five new threats and vulnerabilities that are most likely to have great relevance in 2025," adds Warmenhoven.

Advertising

Account hijacking will continue to increase

The most discussed topics on the dark web, with more than 135.000 comments, focus on so-called "combo lists" - databases filled with combinations of usernames, passwords and other personal data from various security breaches. Another widely discussed topic, with almost 26.000 comments, focuses directly on account takeovers, where this metadata is exploited for unauthorized access.

Since users often reuse passwords across multiple websites, hackers can use the login credentials not only to commit fraud and misuse accounts for malicious purposes (e.g., conducting fraudulent transactions), but also significantly increase the risk of identity theft. Warmenhoven points out this danger, stressing that these attacks will remain very popular and extremely effective among cybercriminals as long as passwords are reused across multiple accounts. He even predicts that this activity will increase in 2025 as criminals continue to obtain more login credentials through new data breaches.

Advertising

Subscribe to our newsletter now

Read the best news from B2B CYBER SECURITY once a month



By clicking on "Register" I agree to the processing and use of my data in accordance with the declaration of consent (please open for details). I can find more information in our Privacy Policy. After registering, you will first receive a confirmation email so that no other person can order something you don't want.
Expand for details on your consent
It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. Detailed information can be found in our Privacy Policy. You can unsubscribe from the newsletter at any time. You will find a corresponding link in the newsletter. After you have unsubscribed, your data will be deleted as soon as possible. Recovery is not possible. If you would like to receive the newsletter again, simply order it again. Do the same if you want to use a different email address for your newsletter. If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.

CleverReach

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior of the newsletter recipients. This can include It is analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on this website) took place after clicking on the link in the newsletter. Further information on data analysis by CleverReach newsletter is available at: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You may object to the storage if your interests outweigh our legitimate interest. For more information, see the privacy policy of CleverReach at: https://www.cleverreach.com/de/datenschutz/.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Security gaps in the smart home sector

Another highly commented thread on the dark web forum, which received nearly 21.000 comments, focuses on security vulnerabilities in various smart home systems and applications, including precise instructions on how to exploit those vulnerabilities. The 2024 IoT Security Landscape report analyzed about 50 million IoT devices and uncovered over 9,1 billion security-related events worldwide. On average, home networks are hit by attacks on connected devices more than ten times a day, and that number is expected to rise in 2025. "Hackers are increasingly targeting a wide variety of smart home devices, from security systems to everyday appliances such as smart refrigerators and vacuum cleaners. While some devices can serve as a gateway for network attacks, others, such as home video surveillance systems, can be hacked directly, potentially compromising users' privacy," says Warmenhoven.

Identity theft remains high

Posts about scams are among the top 10 most commented topics on the dark web, where users share tips, tools, and strategies for successful scam attempts. Credit card and insurance fraud are frequently discussed, but identity theft remains the focus of hackers' interest due to its high profitability. As hackers continue to exploit personal information to infiltrate bank accounts, steal credit card details, and commit tax fraud, expect identity theft methods to become more sophisticated.

"Identity theft is evolving, so we can expect new forms of it to emerge over the next year," says Warmenhoven. "One of these is synthetic identity fraud, which fuses real and fake data. Deepfake technologies are often used to increase effectiveness. Another evolving method is reverse identity theft, where people use another person's identity not for financial gain, but to impersonate that person. Criminals use this method to secure a job, access healthcare, or avoid legal consequences. These strategies focus on long-term impersonation of a person, rather than immediate financial gain."

Disinformation as a Service

According to the World Economic Forum's Global Risks Report 2024, AI-generated misinformation is ranked as the second biggest global risk (53%) over the next two years, with extreme weather events ranking first and cyberattacks fifth. The dark web is full of methods aimed at spreading disinformation, including the use of thousands of fake social media accounts and numerous spam emails spreading propaganda. In addition, disinformation bot farms are being developed to spread misinformation on a large scale.

"If we look at current trends on the dark web, it is safe to assume that disinformation as a service will become a significant threat in the next year," warns Warmenhoven. "This solution offered by cybercriminals takes advantage of the creation and dissemination of false information. This highly customizable and adaptable service allows for precise targeting of specific demographic profiles and the manipulation of social media algorithms to maximize impact."

AI-driven social engineering

AI-driven social engineering is expected to become increasingly sophisticated. Although this topic is not as widely discussed, forums are filled with detailed tips, tutorials, and real-world examples of how to benefit from this technique. A significant new trend is the use of AI to detect vulnerabilities, increasing the complexity of tools used to manipulate human behavior to gain information and create effective phishing emails. On top of that, employees make more mistakes and companies are less secure due to AI-based social engineering, as the Business Digital Index reveals.

"We are currently witnessing the emergence of a threat known as corporate manipulation and exploitation, where malicious actors seek to trick company representatives into providing refunds or replacements using a variety of justifications. These forums provide precise methods of gathering information about the company in order to effectively implement the schemes, targeting large companies such as Amazon, ASOS and Walmart," explains Warmenhoven.

More at NordVPN.com

 

About NordVPN

NordVPN is an advanced VPN service provider chosen by millions of internet users worldwide. The service offers features like Dedicated IP, Double VPN and Onion Over VPN Server that help improve your online privacy without tracking. One of the key features of NordVPN is Threat Protection Pro, a tool that blocks malicious websites, trackers and advertisements and scans downloads for malware.

 

Matching articles on the topic

EDR killers are a serious threat

EDR killers are malicious tools that disable the EDR software of compromised systems, leaving them vulnerable to further threats. ➡ Read more

Hacker encrypts 12.000 patient records

Many weeks ago, there was a hacker attack on the MVZ Herz-Lungen-Praxis Hamburg-Bergedorf, a subsidiary that controls the practice information system of the LungenClinic Grosshansdorf ➡ Read more

NIS2 – how a SaaS infrastructure contributes

It is estimated that up to 40.000 German companies will be affected by NIS2 in the future. The directive is intended to improve cyber resilience and ➡ Read more

Zero-Trust Architecture – Opportunities & Risks

Trust is good, control is better: The Zero Trust architecture turns traditional security models on their head by checking every access – ➡ Read more

25 years with numerous cybersecurity challenges

As we approached the year 2000, the IT and business world looked with concern at the infamous “Y2K bug” – a ➡ Read more

DeepSeek and Qwen are the tools of hackers

Criminals are increasingly exploiting DeepSeek and Qwen, using jailbreaking techniques to create their malicious content to commit financial and information theft. ➡ Read more

Passkeys: Efficient management supports CISOs

New security passkey management solution supports organizations with secure authentication, offering IT complete control over the entire lifecycle ➡ Read more

These are the most important security vulnerabilities and attack techniques

The number of reported security vulnerabilities increased by 2024 percent in 38. With the increasing dependence on software systems, the ➡ Read more

PR News
, , , ,