If you noticed a lot of dark web leak site listings by a new group, 0apt, and have been concerned about whether they might be a dangerous and prolific group, the DataBreach[.]com team (no relationship to DataBreaches[.]net) has a reassuring message for you: the listings and data leaks are fake and a waste of your time. They report:
… as we started checking the group’s claims, we found something stranger than a hack. While the group initially populated its site with a string of low-tier, nameless “garbage” companies, it has recently pivoted to a much more dangerous game. The list now features some of the world’s most recognizable corporate titans, from medical technology leaders to defense contractors.
The group’s vibe-coded leak site is the usual minimalist page common in the underworld, offering a download button for each victim. Yet anyone who clicks it is walking into a trap, not of malware, but of wasted time. The downloads are infinite streams of random data, built on the fly. There are no folders of internal emails, no spreadsheets of customer data, and no social security numbers.
It is a scam built entirely on white noise.
The trick is simple, but it works. According to researchers who watched the traffic, the group’s servers are likely piping a stream of
/dev/random(a standard computer tool for making random bits) straight into the user’s browser.
Read more at DataBreach.com.