Skip to content

Threat Reports

Threat intelligence research and analysis.

For Business or for Banter: Who Roams the Dark Web? (and Why?)

For Business or for Banter: Who Roams the Dark Web? (and Why?)

Behind every underground forum username lies a unique individual with his or her own personal motivations for logging in. In Cybersixgill’s latest research, Forumology II: Journey of a Threat Actor, we discovered something interesting: a correlation between why an actor uses a forum and how often the actor posts.

Underground Financial Fraud H1-2021

Underground Financial Fraud H1-2021

Financial data is a valuable commodity on the digital underground, with payment card information constituting one of the more common items listed for sale. The data maintains a crucial role in the cybercrime ecosystem, as sellers are able to easily monetize the stolen information for buyers to utilize for various

Behind the Meteoric Rise of OpenBullet

Behind the Meteoric Rise of OpenBullet

A powerful, open-source penetration testing tool has become the password cracker of choice on the dark web, and its users are increasingly focused on getting access to streaming entertainment. In fact, interest in cracking Netflix passwords is almost as popular as cracking Amazon, eBay, and Walmart accounts combined. The tool

ToxicEye Shows Messaging Apps Can Be a Gateway to Cyberattacks

ToxicEye Shows Messaging Apps Can Be a Gateway to Cyberattacks

A Remote Access Trojan (RAT) dubbed ‘ToxicEye’ continues to maintain wide popularity in the underground three years after its initial release. This malware, used to infect devices via the Telegram messaging app, provides threat actors complete control over a victim’s device. Telegram, the most downloaded app across both Android

Hardware Spoofing Lets Gamers Evade Cheating Bans

Hardware Spoofing Lets Gamers Evade Cheating Bans

For $65 per year, you can cheat all you want in video games. You might think gaming and esports are harmless arenas where young people get to blow off some steam and have fun. Esports are big business, with professional gamers and streamers competing for cash or the eyeballs of

2020 in Review: The Deep and Dark Web Got Deeper and Darker

2020 in Review: The Deep and Dark Web Got Deeper and Darker

There is no need to say that 2020 was ground-shaking. The pandemic affected just about all aspects of life in ways that we are only starting to understand. It tremendously impacted the cyber underground as well. Nearly all of Cybersixgill’s research reports dealt directly or indirectly with the impact

How many users frequent dark web forums, and how active are they?

How many users frequent dark web forums, and how active are they?

Discussions of underground forums can evoke imagery of a city’s shadowy back alleys, populated by faceless figures. Speaking in whispered undertones, they meet one another, collaborate in criminal schemes, and transact contraband and prohibited services. But just how many actors are there altogether on these forums? Do dark web

‘Tis the Season: Fraudsters Have All the (Re)fun(d)

‘Tis the Season: Fraudsters Have All the (Re)fun(d)

Everyone knows that the best part of the holiday season is returning the stuff you don’t want for cash to buy the stuff you do. But for cybercriminals, every day is the day after Christmas. Our latest research report, “Terms and Conditions Apply: Refund Fraud on the Dark Web”

Tough Pill to Swallow: Dark Web Threats to the Healthcare Industry

Tough Pill to Swallow: Dark Web Threats to the Healthcare Industry

As the world races towards a coronavirus vaccine, the healthcare industry has remained a focal point for cybercriminals. And while threat actors have consistently targeted the industry, and references to healthcare have increased on the underground due to the pandemic. According to data taken from Cybersixgill’s portal, references from

Underground Reveals Popularity of Cyberattacks on Schools

Underground Reveals Popularity of Cyberattacks on Schools

Many schools face a unique breed of insider threat: their own students. Whether motivated by boredom or personal gain, students pose an outsized risk to their own schools. That’s due in large part to the tools and services available to them on the dark web. They can find new

#BreachPlease: How Hackers Outsmart Social Media Platforms

#BreachPlease: How Hackers Outsmart Social Media Platforms

It’s getting harder for criminals to fake their way to social media fame. Yes, people can still buy followers and engagement. But the process isn’t exactly simple. It’s more expensive and requires more skill. Researchers at Cybersixgill recently examined the market for social media hacking on the