☑️ Weekly Darkweb – October Week 5, 2025

🔍 Japanese Defence Data Compromised by Hacktivist Group CLOBELSECTEAM

• On October 22, the hacktivist group CLOBALSECTEAM posted a series of messages on its Telegram channel claiming to have obtained sensitive Japanese defense data.

• The group claimed to have stolen information across policy, strategy, and technology. This includes details on overseas military equipment transfer and national security strategy.

→ In particular, the group claimed to have obtained detailed information on the Ministry of Defence’s weapon technologies and missile systems. As proof, they uploaded several images of documents containing weapon budgets and equipment types.

• CLOBELSECTEAM has been observed intensively attacking Japanese governments and private companies throughout October. They have posted messages claiming to steal data theft from over 10 entities, including global IT companies and medical institutions.

🔍 US Aerospace · Defense Giants’ Data for Sale on Dark Web Hacking Forum

• Posts selling data from major US aerospace and defense companies have recently been discovered on dark web hacking forums.

→ (10/29) A post selling confidential data from US aerospace and defense company ‘N’ was uploaded to the dark web hacking forum ‘DarkForums’. The seller uploaded blueprint of N's defense structure as a sample.

✓ According to S2W user profiling tool, the seller previously uploaded a post selling confidential data from U.S. aerospace company ‘S’ on the 27th. The seller posted partial detailed blueprint of a core rocket component developed by ‘S’ as proof of the leak and stated they specialize in selling defense-related data.

→ (10/27) A post selling 50GB of data from global aerospace company 'C', headquartered in the US, was detected on the dark web hacking forum ‘LeakBase’. The seller shared sample data identical to data posted by the Everest ransomware group on the 17th as evidence of the attack on 'C'. Everest announced plan to release all stolen data on November 2nd.

🔍 UAE Central Bank Compliance Framework Source Code for Sale on Dark Web

• On October 28, a post selling the UAE Central Bank's compliance framework source code for $1,500 was detected on the dark web hacking forum ‘XSS’.

✓ Compliance Framework: an internal management system designed to ensure systematic compliance with financial regulations, including anti-money laundering and auditing.

• The user released a file tree containing sensitive information, including source code and administrator accounts, as evidence. He also claimed the breach was caused by internal employee negligence rather than hacking.

• If such data is exploited, it could pose a serious threat to financial security, including infiltration of internal systems and data theft.

*The full report is available upon request and for XARVIS subscribers.