ALL MENU

Technology
S2W's Technology
AI
Big Data
Security
Products
SAIP
QUAXAR
XARVIS
EYEZ
Services
AI Data Consulting
Penetration Testing
Incident Response
Request for Intelligence
Resources
Event
Webinar
SIS
Conference
About S2W
About S2W
History
News

QUICK LINKS

Resources
  • Newsletter
  • News Highlights
Weekly Darkweb: January 2026, Week 4
2026.02.04

☑️ Weekly Darkweb – January Week 4, 2026



🔍 U.S. Civic Activism Platform R’s User Data Exposed on the Dark Web


• On January 28, user data from U.S. civic activism platform R was uploaded to the dark web hacking forum ‘BreachForums.’


• Forum user ‘Sythe’ claimed that platform R’s website suffered a data breach this month, exposing information on 3,700 users. The dataset includes over 3,000 email addresses along with names, social media usernames and locations.


• The forum user described the platform R as a “protest website” against U.S. Immigration and Customs Enforcement (ICE), claiming the exposed data also included ICE reports.


• According to S2W’s user profiling tool, ‘Sythe’ has previously posted leaked data from a California court and a U.S.-based online dating service company this month.



🔍 German Automaker V's Financial Subsidiary Core Infrastructure Data for Sale


• On January 27, a post offering internal infrastructure data of a financial subsidiary of German automaker V was identified on the dark web hacking forum ‘DarkForums.’


• The seller ‘hooters_69’ claimed to have obtained detailed information on Active Directory configurations, internal network IP address distribution, and detailed data on specific users. As proof, three of Windows command prompt screenshots were uploaded, including an image showing a list of domain administrator accounts retrieved via command.


• The seller promoted discounts on the data and disclosed his Telegram ID.


• If core financial infrastructure such as Active Directory information and internal IP address distributions are exploited, threat actors could obtain elevated privileges and infiltrate internal systems, requiring heightened security precautions.



🔍 Taiwanese Circuit Board Manufacturer U Infected with INC Ransomware


• On January 26, Taiwanese electronic circuit board (FPC) manufacturer U was posted on the INC ransomware gang’s leak site.


✓ Company U is listed on the Taiwan Stock Exchange and reported approximately USD 62.8 million in annual revenue in 2024.


• The ransomware gang set February 9 as the negotiation deadline and disclosed a leaked data list.


✓ Leaked Data: Corporate customer data (including Taiwan-based global hardware company A, Germany-based global automakers B, etc.), project data, technical documents, design drawings, a total of 430GB.


• As evidence, the ransomware gang attached screenshots of 20 internal confidential documents, including contracts, automotive component data, designs, product specifications, and test reports.



👉 Subscribe to <Weekly Darkweb> and get the latest newsletter every week.
Subscribe on LinkedIn
This newsletter is based on news derived from big data collected from over 400 million encrypted pages and channels, including those on the dark web and Telegram.

☎️ Contact us: https://s2w.inc/en/contact

*The full report is available upon request and for XARVIS subscribers.


Attachments
[S2W] Weekly Darkweb_20260201_EN.pdf
News Highlights
Weekly Darkweb: January 2026, Week 3
2026.01.28
Previous
R&D Columns
Ontology-Driven Problem Solving: 5-Step Strategy for Successful AI Adoption
2026.02.05
Next
List