leak_search
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
leak_search [2025/03/06 13:48] kaduuwikiadmin [How up to date is the data?] |
leak_search [2025/05/21 09:38] (current) kaduuwikiadmin |
||
|---|---|---|---|
| Line 28: | Line 28: | ||
| * CSV/TXT files: Common formats for storing text data, typically containing structured information like lists, logs, or tables. | * CSV/TXT files: Common formats for storing text data, typically containing structured information like lists, logs, or tables. | ||
| * Metadata: Additional information about a file or data set that helps to describe, organize, and manage the data more effectively (e.g., time, location, type). | * Metadata: Additional information about a file or data set that helps to describe, organize, and manage the data more effectively (e.g., time, location, type). | ||
| + | |||
| + | |||
| + | ==== How many forums do we cover? ==== | ||
| + | |||
| + | The Ecosystem of Cybercriminal Forums and Channels | ||
| + | The dark web and deep web contain a complex ecosystem of websites where various types of stolen data are exchanged. These platforms include: | ||
| + | |||
| + | * Hacker forums | ||
| + | * Credit card shops | ||
| + | * Stealer log markets | ||
| + | * Document forgery hubs | ||
| + | * Bank credential resale forums | ||
| + | * Telegram channels and groups | ||
| + | |||
| + | These platforms vary in accessibility and intent. Some are public, but most require registration or even invitation. On these platforms, actors either sell or give away data, depending on its freshness, quality, and strategic value. | ||
| + | |||
| + | **Why Some Data is Free and Others Are Sold** | ||
| + | |||
| + | * Free leaks: Often older data, reused credentials, | ||
| + | * For-sale data: Usually fresh stealer logs, newly acquired credit card dumps, banking credentials, | ||
| + | |||
| + | **Data Types Monitored** | ||
| + | Kaduu focuses on the following categories: | ||
| + | |||
| + | * Leaked account credentials (email-password combos) | ||
| + | * Stealer logs (logins, browser sessions, cookies) | ||
| + | * Bank logins (online banking access) | ||
| + | * Credit card data (dumps, fullz) | ||
| + | * Checks and cash-out materials (US, EU, UK) | ||
| + | * Fake or stolen documents (passports, IDs, utility bills) | ||
| + | * Personal Identifiable Information (PII) (name, SSN, address, DOB) | ||
| + | |||
| + | **Our Coverage as of February 2025** | ||
| + | |||
| + | Kaduu monitors a broad range of sources across the darknet and deep web. We distinguish between automated crawling and manual investigations by our analyst team: | ||
| + | |||
| + | * For well-structured sites such as forums where credit card data is traded, or paste sites, we use automated scrapers that visit these platforms at predefined intervals. This process is fully automated, and the extracted data is stored directly in our database. | ||
| + | * | ||
| + | * Our analyst team manually visits a curated list of forums and Telegram channels on a daily basis to identify potential data leaks. After thorough inspection, any relevant findings are manually labeled and uploaded to our system for further analysis. | ||
| + | |||
| + | |||
| + | The following statistics provide insight into our infrastructure: | ||
| + | |||
| + | **1. Forums Specialized in Credit Cards, Accounts, and Checks** | ||
| + | |||
| + | Total monitored: 154 | ||
| + | |||
| + | * Require authentication: | ||
| + | * Tor-based (dark web): 64 | ||
| + | * Clearnet (deep web): 90 | ||
| + | |||
| + | These forums are often highly specialized and structured. Our tools focus on extracting listings of items for sale such as credit card batches or fullz packages. | ||
| + | |||
| + | **2. Hacker Forums** | ||
| + | |||
| + | * Total monitored: 303 | ||
| + | * Visited manually daily: 41 | ||
| + | * Crawled daily by tools: 23 | ||
| + | * Occasionally visited: 239 | ||
| + | |||
| + | Manual visits target forums with irregular structures or where members share free leaks. This enables human analysts to filter, extract, and describe valuable data that might otherwise be missed. | ||
| + | |||
| + | **3. Telegram Channels** | ||
| + | |||
| + | * Total monitored: 538 | ||
| + | * Parsed daily by tools: 534 | ||
| + | * Manually checked daily: 4 | ||
| + | |||
| + | Telegram has become a major hub for distributing stealer logs, combo lists, and free leaks. Parsing tools extract relevant messages and attachments. Manual visits focus on groups with obfuscated or irregular data drops. | ||
| + | |||
| + | **4. Paste Sites** | ||
| + | |||
| + | * Total monitored: 34 | ||
| + | * Parsed daily by tools: 34 | ||
| + | * Manually checked daily: 0 | ||
| + | |||
| + | Paste sites are used to exchange information anonymously. We scrape them daily and save the data in our database. | ||
| + | |||
| + | **Manual vs. Automated Monitoring** | ||
| + | |||
| + | * Manual Review: Crucial for detecting free leaks, irregular formats, and human interpretation. Analysts download and inspect content, match it against existing data, and classify it for clients. | ||
| + | * Automated Scraping: Ideal for structured data listings, especially in well-organized shops. These tools collect sale offers with metadata (e.g., date, price, type of data) and push them into the database for client search and alerting. | ||
| ==== How up to date and accurate is the data? ==== | ==== How up to date and accurate is the data? ==== | ||
leak_search.1741265331.txt.gz ยท Last modified: 2025/03/06 13:48 by kaduuwikiadmin
Page Tools
