ALL MENU

Technology
S2W's Technology
AI
Big Data
Security
Products
SAIP
QUAXAR
XARVIS
EYEZ
Services
AI Data Consulting
Penetration Testing
Incident Response
Request for Intelligence
Resources
Event
Webinar
SIS
Conference
About S2W
About S2W
History
News

QUICK LINKS

Resources
  • Newsletter
  • News Highlights
Weekly Darkweb in July W3
2025.07.23

☑️ Weekly Darkweb – July Week 3, 2025



🔍 Taiwan Government, Companies Reportedly Targeted by Russian Hacktivists


• The Russian hacktivist group “Infrastructure Destruction Squad” recently published a Telegram message claiming responsibility for attacks on both public institutions and private firms in Taiwan.


• [07/14] The group stated that it had disrupted Taiwanese institute G’s systems, deleted stem cell research data, and attacked industrial infrastructure. It also released a video showing access to the institute’s internal network.


• [07/16] The group claimed it had gained unauthorized access to the energy monitoring system in New Taipei City. It asserted access to a system for "monitoring and analyzing electricity consumption inside a sensitive facility," and shared a video as proof showing the interface and internal financial balances.


→ The hacktivist group stated it would launch attacks against any country hostile to the Russian Federation and is believed to have carried out operations in Taiwan, Spain, the United States, and Italy.



🔍 B-2 Blueprints, NIGHTFALL Hacking Tool Leaked on Dark Web, Raise Concerns


• On July 14, classified documents related to the U.S. B-2 stealth bomber “Specter” and the sophisticated hacking tool “NIGHTFALL” were found for sale on the Russian dark web forum Exploit.


• B-2 Compromised Details: Include radar-evading manufacturing methods, flight control system operations, and weapon bay modification guides.


• NIGHTFALL Details: Claimed to override Windows security controls and gain admin access, with special focus on infiltrating air-gapped networks.


✓ An air gap refers to systems disconnected from the internet to block external threats, often found in nuclear and military environments. NIGHTFALL is allegedly capable of breaching these environments using external storage devices such as USB drives.



🔍 Ongoing Cyberattacks Hit Indonesian Government; Data Posted on Dark Web


• Over the past week, seven posts offering leaked data tied to the Indonesian government were found on the dark web forum DarkForums.


• [07/11, 07/15] The threat actor ‘darknessX404’ has allegedly leaked data from an East Java government website and Indonesia’s Ministry of Energy and Mineral Resources, with multiple posts showing a pattern of targeting Indonesian government entities.


• [07/10, 07/11, 07/14] The threat actor ‘Himenisme666’ is reportedly selling personal data from Indonesia’s Ministry of Home Affairs, Directorate General of Civil Aviation, and Ministry of Manpower. The threat actor claims the stolen data includes sensitive information such as names and national ID numbers.



👉 Subscribe to <Weekly Darkweb> and get the latest newsletter every week.
Subscribe on LinkedIn
This newsletter is based on news derived from big data collected from over 400 million encrypted pages and channels, including those on the dark web and Telegram.

☎️ Contact us: https://s2w.inc/en/contact

*The full report is available upon request and for XARVIS subscribers.


Attachments
[S2W] Weekly Darkweb_250720_EN.pdf
Product
Why Integrating Account Takeover (ATO) and Attack Surface Management (ASM) Matters?
2025.07.18
Previous
R&D Columns
Adopting Apache Iceberg for Our Data Lakehouse - Part 2: Leveraging Apache Iceberg
2025.07.23
Next
List