Ofir Harpaz and Omri Marom, cyber researchers from the Israeli company Gardicor, uncovered an assault network that offers for sale 250,000 databases in the dark web. The databases were stolen in 83,000 different hacks made on the servers of companies and organizations, with hackers offering them for sale at a price of $ 550 per database, which will be transferred to them in Bitcoin.
The investigation revealed that the repositories were stolen from MySQL systems by guessing weak passwords. The attacks were carried out by servants in Britain and Ireland, but investigators believe this is a disguise of the true whereabouts of the attackers. A total of 7 terabytes of data have been stolen and offered for sale, making the sale event one of the widest ever made.
The attackers initially tried to get ransom from companies that were harmed and were partially successful in doing so. So they turned to offering the databases to outsiders through a sales website they set up on the Dark Web. Guardicor researchers have updated the community of security managers around the world on the exposure so that the affected companies will be aware that the information extracted from them is now for sale
According to Harpaz, the widespread attack and information gathering relied on a basic security failure of the organization’s management in an Internet-exposed system, rather than in a closed internal organizational system, with the system protected only by a password that is often easy to guess. The solution to this is in the full control of the network administrators over the internal traffic so that the access to the sensitive information servers will be only for the appropriate users and separation between them and exposed servers. Unfortunately, once the information leaves the organization it is no longer possible to stop trading in it and passing it on to interested parties.
The cyber Guardicore company was founded by Dror Selai, Pavel Gurevich and Ariel Zeitlin and develops comprehensive protection software for enterprise cloud systems and internal servers for companies in the fields of finance, e-commerce and technology and educational organizations. The company employs 200 people in development, sales and customer support centers in Israel, the United States, Canada, Brazil, India, Mexico, Western Europe and Ukraine.