Cypher

Leak

 

Password reuse is one of the biggest weaknesses that hackers exploit to gain access to critical accounts. The main function of this application is to give the Security Team a detailed report about their user’s leaked passwords by parsing thousands of database dumps across DARK and PUBLIC web

Parse & Detect

Parse billions of records across the Dark web and the Public web

Contextualize

Connect leaked credentials to past attacks that may have targeted your company

Alert & Report

Alert & Report whenever new leaks contain accounts related to your company

The Why

Password leaks affect almost everyone, so be prepared

Password re-use, alongside the use of professional emails to signup for a variety of services such as social media accounts exposes the employee, and de facto the company, to serious exploitation. With social media accounts leaked on a regular basis, or major database breaches of hotel guests accounts, it becomes almost a certainty that one of your employees credentials will be leaked and dumped on different forums.

NetEase

235 million user records leaked

My Fitness Pal

150 million user records leaked

Linkedin

165 million user records leaked

Adobe

153 million user records leaked

Intuitive Design

Stay alerted the moment a leak is published

Our service is designed to help both public and private sector organizations detect and mitigate cyber threats that leverage stolen email addresses and passwords. Cypherleak leverages a combination of human and artificial intelligence that scours botnets, criminal chat rooms, blogs, Websites and bulletin boards, Peer to Peer networks, forums, private networks, and other black- market sites 24/7, 365 days a year to identify stolen credentials and other personally identifiable information (PII).

Frequently Asked Questions

We are here to answer all your questions and make sure your decision is an informed one. If any of your questions is still unanswered, contact us and we will get back to you

WHAT IS THE DARK WEB?

The Dark Web is a hidden universe contained within the “Deep Web”- a sublayer of the Internet that is hidden from conventional search engines. Search engines like Google, BING and Yahoo only search .04% of the indexed or “surface” Internet. The other 99.96% of the Web consists of databases, private academic and government networks, and the Dark Web. The Dark Web is estimated to be 550 times larger than the surface Web and growing. Because you can operate anonymously, the Dark Web holds a wealth of stolen data and illegal activity.

HOW ARE THE STOLEN OR EXPOSED CREDENTIALS FOUND ON THE DARK WEB?

Cypherleak focuses on cyber threats that are specific to our clients’ environments. We monitor the Dark Web and the criminal hacker underground for exposure of our clients’ credentials to malicious individuals.

We accomplish this by looking specifically for our clients’ top level email domains. When a credential is identified, we harvest it. While we harvest data from typical hacker sites like Pastebin, a lot of our data originates from sites that require credibility or a membership within the hacker community to enter. To that end, we monitor over 500 distinct Internet relay chatroom (IRC) channels, 600,000 private Websites, 600 twitter feeds, and execute 10,000 refined queries daily.

WHAT DOES IT MEAN WHEN A PASSWORD HAS A LONG SERIES OF RANDOM NUMBERS AND LETTERS?

This means the password was published as “hashed” (still encrypted). Hundreds of encryption dictionaries are readily available on the Web, and it’s not uncommon for these passwords to be “cracked” or decrypted and available on multiple 3rd party websites.

DATA SOURCE LOCATIONS & DESCRIPTIONS: WHERE DO WE FIND DATA?

Dark Web Chatroom: Compromised data discovered in a hidden IRC;

Hacking Site: Compromised data exposed on a hacked Website or data dump site;

Hidden Theft Forum: Compromised data published within a hacking forum or community;

P2P File Leak: Compromised data leaked from a Peer-to-Peer file sharing program or network;

Social Media Posts: Compromised data posted on a social media platform;

C2 Server/Malware: Compromised data harvested through botnets or on a command and control (C2) server.

HOW DOES CYPHERLEAK HELP PROTECT MY ORGANIZATION?

Our service is designed to help both public and private sector organizations detect and mitigate cyber threats that leverage stolen email addresses and passwords. Cypherleak leverages a combination of human and artificial intelligence that scours botnets, criminal chat rooms, blogs, Websites and bulletin boards, Peer to Peer networks, forums, private networks, and other blackmarket sites 24/7, 365 days a year to identify stolen credentials and other personally identifiable information (PII).

DOES THE IDENTIFICATION OF MY ORGANIZATION’S EXPOSED CREDENTIALS MEAN WE ARE BEING TARGETED BY HACKERS?

While we can’t say definitively that the data we’ve discovered has already been used to exploit your organization, the fact that weare able to identify this data should be very concerning. Organizations should consult their internal or external IT and/or security teams to determine if they have suffered a cyber incident or data breach.

THE PASSWORD IDENTIFIED DOES NOT MEET OUR NETWORK CRITERIA. WHY SHOULD WE CARE ABOUT THIS?

Employees often recycle passwords throughout their work and personal networks. If your internal requirement is to have a capital letter and special character, it’s common practice for employees to use a password they are familiar with, and add a capital letter and exclamation mark. (Example: Exposed Password: cowboys, Variation: Cowboys!, Cowboys1, Cowboys!1, and so on.) Knowing this, hackers will. run scripts using metasploit frameworks (hacking and pentesting tools) to “brute force” their way into an unsuspecting system.

WHY SHOULD I CARE IF THE PASSWORD IS ENCRYPTED?

While initially a breach might include encrypted data, it’s important to understand that the data is only safe
if the encryption key has not been published. Once the encryption key is published, much of that data is no longer safe. LinkedIn is a great example of this. 164M records were exposed in the LinkedIn breach. The passwords in the breach were stored as SHA1 hashes without salt, the majority of which were quickly cracked in the days following the release of the data.

Contact Us

Email

info@projectcypher.com

Address

In5 Tech Dubai Internet City, Dubai, UAE

71-75 Shelton Street London, WC2H 9JQ, United Kingdom

Plaza No 43, Daisy Road, Sector A, DHA Phase II, Islamabad, Pakistan

 

Get Started

Being pro-active about your cybersecurity is not a luxury anymore, it’s a necessity