SchloĂźstr. 5, 83250 Marquartstein, Deutschland
+49 (0)8641 6270010


The darknet and data leaks – a dangerous threat for your company

The darknet and data leaks – a dangerous threat for your company

What is the darknet?

Only a small piece of the internet is visible. It is only the tip of the iceberg. The rest is divided into deep web and darknet (approximately 80%). The darknet is based on a military invention and the communication is fully encrypted. In practice, nobody can trace back who communicated with whom. But, there are several possibilities for powerful states to reveal these secrets partially. In the end, the darknet was invented to support positive things, to share information a regime wants to hide. It is a powerful technology for freedom of speech and human rights. On the other side, it is a powerful tool to cybercriminals. They share stolen data, credit card information, usernames, passwords and much more anonymously on darknet marketplaces.

Some of the common vulnerabilities and risks caused by darknet data leaks

This risk and vulnerability overview may look short, but misuse of leaked credentials is one of the most top reasons why companies and accounts get hacked.
For 65-70% of all companies, we have found darknet data. According to our experience, after 10 years of business operation, data leaks affect 30-40% of the employees. It is very likely, that your company suffers data breaches you do not know.
  • Hacker buy stolen access information for your company and use to get access to your network (e.g. passwords, usernames)
  • Your customer data is being sold on the darknet (e.g. purchase history, contact information) and used to send spam and phishing emails to your customers
  • Your employees may register with their business email to unsecure sites, which may suffer an attack in future
  • Your employees may use the business passwords for other unsecure and private sites

How to prevent cybersecurity incidents and risks arising from darknet data leaks?

  • Implement proper password policy
  • Conduct regular trainings to increase awareness
  • Conduct regular darknet audits to review for new leaks

How does Botiguard can help?

Botiguard is a specialized firm in darknet analysis. We can offer:

  • Standard darknet analysis (as part of our standard audit Botiguard BusinessSecure) or

    • We will carefully analyze the darknet for your company and create data excerpts. The standard report usually contains the following information, if leaked:
      • Real first & last name
      • Usernames
      • Passwords
      • Phone numbers
      • eMail addresses
      • Purchase history
      • IP-Addresses
      • Addresses (e.g. street, zip code)
      • Estimation of leak data
      • Estimation when data leak was detected
    • Data age can be few months up to years
  • Individual, intense darknet research (as part of our individual consulting and services)

    • The output is very individual based on the concrete findings. This intensive darknet research is recommended if you recently experienced or suspect a data breach, other customer leaks, hacker attack or ransomware activity. You will get concrete assessments if data leaks were found for recent breaches in the darknet.
    • The age can be hours up to few weeks.


You may consider doing darknet analysis on your own. We strongly recommend not to do it yourself. As a specialized firm in darknet analysis, we have access to big databases and are always up-to-date. It is very difficult and effortful to maintain up-to-date access to darknet forums, to increase reputation in forum admins, translate texts, negotiate and communicate to hackers over a long-term period, collect and structure the mass amount of data or make test purchases. You may risk False-Negative findings. In addition, a darknet analysis can reveal sensitive information (e.g. health, sexual orientation, religion) and may put you in a legal dilemma. Avoid this and let professionals do it for you.

Leave a Reply

Your email address will not be published. Required fields are marked *


Write to us
Startpaket (kostenlos)Einmalige PrĂĽfung
z.B. Domains, Subdomains, IPs
limitiert auf die Haupt-Domain8 Dienste und Subdomains werden standardmäßig geprüft (z.B.
+ 10 weitere frei festlegbar
PrĂĽfungsintervalllimitiert 1x pro Jahr pro Kundeindividuell
Scanner IP bekannt âś”
Testzeit festlegbar (z.B. außerhalb Geschäftszeiten)✔
Ă–ffentlich erreichbare IT-Infrastruktur
Kritische Dienste und Ports
z.B. RDP, Samba, SSH, FTP
Passive Reconnaissance
Web-Konferenz mit Bot✔✔
Suche nach geleakten Zugängen
e-Mail Security und Spoofingâś”
5 gefälschte e-Mails
30 gefälschte e-Mails
Automatische Erkennung von Subdomainsâś”
Aktuelleste Cybersicherheits-Bedrohungen
z.B. aktuelle CVEs und Einfallstore
eMail Alarmâś”
Niedrige Priorität
Hohe Priorität
Weitere dazugehörige Endpunkte10 €
Kundenspezifische Anpassungennein
Virtuelle Beratung durch Security Experten99 € / h
Daten in eigenem Vserver49 €