BSI Espion believes the growth of legitimate service providers who trawl the hidden web for leaked corporate data further illustrates the complex and perplexing information security challenges organisations can face in today’s world. The Dark Web (which is part of the Deep Web) is a portion of the Internet that’s intentionally hidden from search engines, uses masked IP addresses and is accessible only with a special web browser.
Often, this is where threat actors buy and sell leaked and hacked data (such as credit card numbers, e-mail address lists, social security numbers, health records and more) for hidden services, Dark Web markets, paste sites and password-protected criminal forums.
There’s another breed of anonymous Internet user operating on the Dark Web. ‘Data hoarders’ are collectors, copiers and archivers of breached data. LeakedSource, Vigilante.pw and Leakbase are examples of websites that host mountain-sized repositories of databases which the general public can search. Those behind these hacker ‘data dump’ sites also leverage new and traditional media in order to publicise their high-profile spoils.