Search This Blog

Showing posts with label Reddit. Show all posts

Insider Trading Threats on Dark Web

 

Insider trading can be done more effectively now than ever before, due to a great extent to the continuing proliferation of encrypted and anonymous messaging services, and the presence of dark web and underground networks that permit threat actors to discover co-conspirators and speak with them. Verifiably, few dark web forums catered to the trafficking of non-public corporate data; presently, updated technology takes into account these endeavors to be conducted with a lot more prominent operational security. 

Monetarily inspired threat actors or displeased employees would now be able to trade data away from the prying eyes of law enforcement and security researchers, permitting only vetted individuals to access sensitive information being given by insiders. 

Moreover, the clearnet is host to many market trading enthusiast groups, on places like Reddit and Discord. These groups range in size from thousands to millions of clients. Insikt Group found "stock signals" services, giving paid clients tips on which trades to make dependent on the proposal of “analysts”. Given that the root of the data is muddled, the unregulated nature of these services and the utilization of unknown messaging services is concerning. 

One of the verifiably significant sites had been The Stock Insiders, a Tor-based site, active from April 2016 until August 2018. As the name proposes, the site was made with the goal of having a community of clients with insider access at publicly traded companies who would impart it to different clients to advise the stock trades of the larger group. The site has for quite some time been inactive, the administrator isn't responsive to private messages, and there have not been any updates to the main page since early 2018. The explanation that operations stopped has not been clarified however it doesn't seem, by all accounts, to be the consequence of a law enforcement takedown since the website is still technically up. 

While the site is no longer active, it actually gives an instructive perspective on how its operations were done. The Stock Insiders has a couple of visible posts instructing clients about how to enlist an account and listing out the requirements for full membership.

Detection of Suspicious Activity Leads Reddit into Locking Down Its Users Account




The discovery of a suspicious activity has driven Reddit into 'locking down’ a substantial number of its user accounts as a security concern.

Reddit brought up that the main cause of the accounts lockdown is caused by the utilization of straightforward and simple to detect passwords on its site and from the reuse of those passwords on different services. However, the users claim that they were still locked out of their accounts even after utilizing solid passwords and not utilizing the Reddit credentials on different sites.

While a few users reported that their accounts were locked in spite of the fact that the activity page indicates they were the only ones getting to them, others rather revealed that somebody got to their accounts and were accessing them from numerous locations around the world.

The users who were unfortunately locked out from their accounts were requested yet again to reset their passwords to re-establish their respective accounts.

 “Over the next few hours, affected accounts will be allowed to reset their passwords to be unlocked and restored. This will take the form of either a notification to the account (yes, you’ll be able to log in to get it) and/or an email to any support ticket you’ve already sent in.

It may be a little while before you receive your notice, but please be patient. There’s no need to file additional support tickets or send messages to the admins at this time. If you haven’t seen any update by tomorrow, contact us at that time via the Help Centre.

We’re sorry for the unpleasant surprise and are working to get you all back to redditing as usual. I’ll be monitoring this thread for a while to answer questions where I can, but please keep in mind we can’t answer most account-specific inquiries in public,” concluded the Reddit Admin.