Major darknet marketplace Solaris, which is believed to be affiliated with pro-Russian hacktivist group Killnet, had its Tor site compromised by its competitor Kraken, reports BleepingComputer.
Several significant Solaris code vulnerabilities have been exploited to facilitate the takeover of the marketplace's infrastructure, GitLab repository, and project sources, according to Kraken, which noted that it was able to conduct clear text password and key theft in Solaris' servers, as well as disable its Bitcoin server in three days.
"The project has several huge bugs in the code, which to this day remain relevant, you can turn over and over again. Also, storing passwords and keys from your servers in clear text is an even bigger mistake, the lot of schoolchildren from the 5th desk," said Kraken in a note.
Kraken's claims have not yet been validated by the Solaris core team or Killnet, but such an attack is believed to be due to market interests and not political as Kraken has also expressed support for Russia.
Data extortion has been increasingly leveraged by ransomware operations instead of data encryption, with the change in attack techniques fueled by improved ransomware detection systems and stronger law enforcement crackdowns on ransomware gangs, TechRepublic reports.
Real-world Insights from a Sophos Threat Analyst: It’s Great You Have a Firewall, But Here’s Why You Shouldn’t Skip Over MDR
Revolutionizing the essentials: Friction-minimizing approaches to overcoming advanced account takeover (ATO)
Evening the Odds Against Overpowered Cyber Adversaries: A Business Impact Analysis
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news