ALL MENU

Technology
S2W's Technology
AI
Big Data
Security
Products
SAIP
QUAXAR
XARVIS
EYEZ
Services
AI Data Consulting
Penetration Testing
Incident Response
Request for Intelligence
Resources
Event
Webinar
SIS
Conference
About S2W
About S2W
History
News

QUICK LINKS

Resources
  • Newsletter
  • News Highlights
Weekly Darkweb in October W4
2025.10.29

☑️ Weekly Darkweb – October Week 4, 2025



🔍 30,000 Israeli Air Force Personnel Records for Sale on Dark Web


• On October 22, a post offering personal data of 30,000 Israeli Air Force and personnel was found being sold on the dark web forum ‘RAMP.’


• The threat actor ‘blackfield’ claimed to have compromised names, phone numbers, location data and photos, releasing 18 sample images of the victims.


• The seller stated they carried out zero‑day attacks on the victims and highlighted having access to around 7,000 mobile devices.


→ According to S2W’s user profiling tool, the seller posted in June that they were offering a one‑click zero‑day targeting all Android versions for 3 BTC.



🔍 Singapore IT Firm ‘S’ Targeted by Hacking Group Crimson Collective


• Singapore software company ‘S’ was identified as a target of the hacking group ‘Crimson Collective.’


✓ Founded in 2013, company S is a smart commerce platform company with branches in Hong Kong, Taiwan, and China.


• The hacking group Crimson Collective pointed to company S’s weak security as the reason it was able to access backup databases, calling them ‘poorly secured’ on their Telegram channel.


✓ Crimson Collective is an international cyber threat group that emerged in September 2025. The group steals data from various industries for financial gain and claimed on October 1 to have stolen data from U.S. IT company ‘R.’



🔍 Japan-Based Global Game Company ‘N’ Developer Documents Detected on Dark Web


• On October 22, a post claiming to have obtained developer documents from Japan-based global game company ‘N’ was uploaded to the dark web hacking forum ‘breachsta.rs.’


• The seller, known as ‘Asre,’ claimed to have compromised documents related to company N’s game development tools, backend code, and gaming consoles.


→ On October 11, Crimson Collective reportedly targeted company N, posting an image of folders associated with the company’s development, products, and infrastructure on Telegram.



👉 Subscribe to <Weekly Darkweb> and get the latest newsletter every week.
Subscribe on LinkedIn
This newsletter is based on news derived from big data collected from over 400 million encrypted pages and channels, including those on the dark web and Telegram.

☎️ Contact us: https://s2w.inc/en/contact

*The full report is available upon request and for XARVIS subscribers.


Threat Intelligence Reports
IoC Update of Lazarus Group’s Recent Attack Campaign Targeting South Korea
2025.10.28
Previous
Product
How AI is Transforming Cybersecurity: The Role of AI in QUAXAR
2025.10.31
Next
List