this post was submitted on 14 Aug 2025
36 points (100.0% liked)

Pulse of Truth

1471 readers
99 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago
MODERATORS
krogoth@infosec.pub
36
For $40, you can buy stolen police and government email accounts (www.helpnetsecurity.com)
submitted 9 hours ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub
6 comments fedilink hide all child comments
 

Active police and government email accounts are being sold on the dark web for as little as $40, giving cybercriminals a direct line into systems and services that rely on institutional trust. According to new research from Abnormal AI, the accounts come from agencies in the United States, United Kingdom, Germany, India, and Brazil, and are being traded on underground forums. Source: Abnormal AI Unlike spoofed or dormant addresses, these accounts are functional and still … More → The post For $40, you can buy stolen police and government email accounts appeared first on Help Net Security.

you are viewing a single comment's thread
view the rest of the comments
[–] IllNess@infosec.pub 6 points 8 hours ago (4 children)

This shouldn't need to be said but use a VPN with these accounts.

[–] PhilipTheBucket@piefed.social 4 points 6 hours ago (3 children)

Fucking Jesus Christ, if someone is buying government email addresses on the dark web and then using a VPN to protect themselves against getting busted, they deserve what they get. Either use Tor or relay it through some compromised machine somewhere, or both. Or something. I don't really know how it works but definitely don't use a consumer VPN.

I mean it might be fine in the modern day, since anything in US law enforcement that might be subpeonaing the VPN company might no longer be functioning. But I still wouldn't really take the chance.

[–] IllNess@infosec.pub 2 points 2 hours ago (2 children)

Don't use Tor. If the FBI found ways to break it before, assume it could have other vulnerabilities to do it again.

[–] PhilipTheBucket@piefed.social 2 points 2 hours ago (1 children)

When did they break Tor? Are you sure they didn't just exploit vulnerabilities on an onion site that was hosted on Tor or something?

[–] IllNess@infosec.pub 1 points 8 minutes ago

https://www.forbes.com/sites/kashmirhill/2014/11/07/how-did-law-enforcement-break-tor/

FBI kept information to themselves of how they did it and this isn't the first time.

Also I wouldn't trust accessing a site administered by the government on Tor if onion sites can't keep me anonymous.