The emerging underground marketplace of stolen data ‘Marketo’ available in TOR network announced the publication of data presumably stolen from sportswear manufacturer Puma.
The ad on Marketo claims to have about 1GB of data stolen from the company that are now auctioned to the highest bidder.
Cybercriminals behind ‘Marketo’ claim to be operators of an organized ‘marketplace of stolen data’ and not as a typical ransomware group distributing malicious code to disrupt IT operations by blocking the network of the victim and by encrypting available files on various data storage.
One of the unique features provided by ‘Marketo’ – the ability to ‘bid’ on stolen data, which obviously creates competition between parties interested in data acquisition including the end victim.
At the time of this writing, 157 threat actors have made their bid to buy the sensitive data.
Some of the files stolen form Puma were published on Marketo, most of them contains source codes of internal management applications potentially linked to the company’s Product Management Portal.
This data could be used by threat actors to orchestrate a more sophisticated attack against the company.
Experts that have analyzed the code have found evidence that the files of the organizations might have been stolen as result of a data breach of a third-party software provider.
(SecurityAffairs – hacking, FIN8)