Dark Web Monitoring and Database Breaches

Hackers often go after a company’s database and use exposed credentials to do further harm. Here’s how you can protect yourself and monitor for database leaks.

Alex Thomas

September 30, 2021

Introduction

The era of teenage hackers hacking for lulz (a popular catchphrase meaning that someone did something purely for their own amusement) is over. Most hackers are organized and are in it for the money. When a malicious hacker breaks into your website, they are typically looking for something of value, and one of the most valuable things you have is your database. A website’s database holds a variety of things including usernames, passwords, private messages, and all kinds of other sensitive information.

Over the years, there have been thousands of database breaches ranging from small companies to Fortune 100 companies. LinkedIn, MySpace, Adobe, Vodafone, Equifax, The Home Depot, and Target are all examples of companies that have had sensitive data stolen. Sometimes this data makes its way to the Internet, where hackers use it to compromise corporations and individuals.

If you want to see which database breaches have leaked your credentials, use the website https://haveibeenpwned.com/. Type in your email and it will show whether your data has been compromised in a database breach.

Credential Reuse

As stated earlier, there are thousands of instances where a company has had its data stolen. Often, this data can be found on the dark web as well as in clear web chat rooms and forums. This has allowed malicious hackers to amass billions of emails along with their clear text passwords. This information can be leveraged to perform additional attacks such as password spraying (also called “cracking” on the dark web).

If a user reuses the same password across multiple sites such as Facebook, Netflix, Spotify, or their bank, then all an attacker needs is their email and password and they have access to everything. Under normal circumstances, this would be impossible, but if your email and password were compromised in an unrelated database breach, hackers could have access to your credentials.

Defense

If you eliminate password reuse, you can eliminate this attack. One of the best ways to do this is via a password manager. A password manager will randomize your password for every site you log into. This means that if your credentials are compromised in a database breach, those same credentials cannot be used to log in to other accounts you own. As a user, all you have to do is install the plugin and the software will handle generating your passwords. This means that not even you will know your passwords; the software logs in for you. Here are two well-respected password managers:

Another solution is to forbid the use of any password that has been compromised in a database leak. Some applications have taken this approach by banning the use of certain passwords, essentially making it impossible to use a password that has been compromised.
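One way to enforce this at signup or password change, shown as an added example that is not Red Sentry's code: it uses the range lookup of the Pwned Passwords service run by haveibeenpwned.com, where only the first five characters of the password's SHA-1 hash are sent and the match is done locally. The function names, the minimum length of 8, and the sample passwords and counts are assumptions constructed for the demo, which runs offline by default.

```python
import hashlib
import urllib.request

# Constructed sample data: passwords treated as "seen in a breach" for the offline demo.
CONSTRUCTED_LEAK = {"password123": 251682, "Summer2021!": 37}

def sha1_upper(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def fetch_range_http(prefix: str) -> str:
    """Live lookup: only the 5-character hash prefix leaves the machine."""
    req = urllib.request.Request(
        "https://api.pwnedpasswords.com/range/" + prefix,
        headers={"User-Agent": "breached-password-check-example"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")

def fetch_range_offline(prefix: str) -> str:
    """Offline stand-in that answers in the same SUFFIX:COUNT line format."""
    lines = ["0" * 35 + ":0"]  # zero-count padding row; must not count as a hit
    for pw, count in CONSTRUCTED_LEAK.items():
        digest = sha1_upper(pw)
        if digest.startswith(prefix):
            lines.append(f"{digest[5:]}:{count}")
    return "\r\n".join(lines)

def breach_count(password: str, fetch_range=fetch_range_offline) -> int:
    """Return how many times the password appears in the breach corpus."""
    digest = sha1_upper(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in fetch_range(prefix).splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix and count.isdigit():
            return int(count)
    return 0

def validate_new_password(password: str, fetch_range=fetch_range_offline):
    """Policy gate for signup and password change: reject breached passwords."""
    if len(password) < 8:  # assumed minimum length, not from the article
        return False, "too short"
    seen = breach_count(password, fetch_range)
    if seen > 0:
        return False, f"found in {seen} breach records"
    return True, "ok"
```

Pass `fetch_range_http` as the second argument to check against the live service instead of the constructed list.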

Red Sentry Dark Web Monitoring

Red Sentry is a next-generation offensive security platform built by some of the best (ethical) hackers around. Our goal is to create a platform that automates as much as we can while also providing you with as much information as we possibly can. The platform has a plethora of features and capabilities, one of them being dark web monitoring.

Red Sentry continuously monitors various channels, looking for database breaches related to our customers. As shown in the image above, clients can view which emails and passwords have been compromised so they can take the appropriate countermeasures. In the future, Red Sentry plans to develop additional modules to leverage these credentials against various applications, such as Outlook Mail. This would allow our customers to be alerted when a compromised credential is actively being used. These types of vulnerabilities just aren’t being monitored by traditional tools and we hope to change that.

Conclusion

One of the most valuable things a company has is its data. When hackers compromise an organization or application, the database is one of the first things they go after. Sometimes these database leaks make their way to the Internet, where other hackers leverage the exposed credentials to perform other attacks, such as trying them against your Netflix account, or worse – your bank. Red Sentry continuously monitors for database leaks, allowing customers the chance to block compromised credentials before they can be used.

Alex Thomas

CTO, Ethical hacker of numerous Fortune 500 companies. Inventor of cybersecurity tools and published author of two books. Dakota State University BS and MS.

