Deep Web Konek
| Abbreviation | DWK |
|---|---|
| Predecessor | Filipino Deep Web Community (2014–2023) |
| Formation | May 2023 |
| Type | Advocacy group |
| Legal status | Active |
| Purpose | Cybersecurity awareness, focus on politics and reporting |
| Headquarters | Philippines (possible part in Manila) |
| Products | Reports on data breaches and vulnerabilities |
| Methods | Cybersecurity monitoring, media reports, public awareness |
| Fields | Cybersecurity, Internet safety |
| Subsidiaries | Kukublan Philippines |
| Website | konek.hn.plus |
Deep Web Konek (abbreviated as DWK) is a Philippine-based cybersecurity advocacy group that monitors, reports, and raises awareness of data breaches and digital threats, particularly those emerging from the deep web and dark web.[1] The group publishes its findings through online platforms and works with local media outlets to highlight risks that affect both public and private institutions.[2]
Deep Web Konek began in 2014 as a small online circle of Filipinos who shared an interest in the deep web. What started as an informal group trading notes about the more obscure parts of the internet gradually evolved as major cybersecurity incidents in the country drew public attention, including the Medusa ransomware attack on the Philippine Health Insurance Corporation (PhilHealth).[1] The group has since tried to push back against the idea that all "hackers" are involved in illegal activity, noting that many work to safeguard systems and identify weaknesses before they can be exploited. Although Deep Web Konek does not carry out hacking itself, it takes on an advocacy role by studying potential threats, using different software tools to review vulnerabilities, and preparing assessments that organizations can use to strengthen their security measures.[1]
The group says it shares cybersecurity information through its online platforms, which feature articles, webinars, and interactive forums. These materials are presented in a way that non-technical readers can easily follow, with the aim of helping them understand common security risks and how to respond to them.[3]
Background
[edit]Deep Web Konek was founded in 2023 but key members originated around 2014 as part of a network of Filipino Deep Web Community. While it initially began as a community interested in the hidden web, the group gradually shifted its focus toward documenting vulnerabilities and data leaks affecting Philippine organizations.[1] It later established a media arm called Kukublan Philippines, which serves as a platform for publishing reports and analysis related to cybersecurity.[3]
Activities
[edit]The group's work centres on threat monitoring and the publication of reports about suspected breaches. Sometime in early 2025, the group began reporting about OSAEC and other cybercrimes. Its findings are often cited by news outlets, which in some cases lead to institutional inquiries or public statements from the organizations involved.[4] Deep Web Konek also promotes public awareness of internet safety, emphasizing the importance of cyber hygiene among Filipino internet users.[1]
Notable reports
[edit]In March 2024, Deep Web Konek reported that a third-party vendor of Acer Philippines had suffered a breach that exposed employee information.[2] In July 2024, the group disclosed the alleged sale of Department of Foreign Affairs (DFA) email data on the dark web.[4] The following month, it claimed that more than 13,000 legal and case records of the Supreme Court of the Philippines were compromised, although the court denied any such breach and asserted that its systems remained secure.[5] Later in August 2024, the group also reported a "massive data breach" allegedly involving millions of records from the National Bureau of Investigation (NBI). The NBI responded that its internal systems were unaffected and dismissed the claim.[6]
On September 21, 2025, the website of the Department of Public Works and Highways (DPWH) was defaced during nationwide protests over alleged corruption in the flood control funds. According to Deep Web Konek, the attack was carried out by a group calling itself the "Darkframe Cyber Alliance" and exploited a cross-site scripting (XSS) vulnerability rather than a full site takeover.[7]
Reception
[edit]Deep Web Konek has been credited with raising public awareness of cybersecurity issues in the Philippines.[1] At the same time, some of its reports have been disputed by government institutions, resulting in debates about the verification of breach claims.[8] The Daily Tribune have noted that while the group's disclosures often prompt official investigations, the difficulty of confirming dark web activity means that some of its findings should be treated with caution.[9]
See also
[edit]References
[edit]- ^ a b c d e f "Deep Web Konek: From exploring the shadows to exposing vulnerabilities". Manila Bulletin. 17 March 2024. Retrieved 21 September 2025.
- ^ a b "Acer PH says third-party vendor breached; employee database leaked". Newsbytes.PH. 13 March 2024. Retrieved 21 September 2025.
- ^ a b "About". Kukublan Philippines. 4 May 2024. Archived from the original on 23 May 2024. Retrieved 21 September 2025.
- ^ a b "DFA email data allegedly for sale on dark web". Philippine News Agency. 16 July 2024. Retrieved 21 September 2025.
- ^ "SC declares no evidence of breach in court's sensitive data". Manila Bulletin. 28 August 2024. Retrieved 21 September 2025.
- ^ "NBI data breach considered stunt; no political motivation—cybersecurity group". DZRH News. 29 August 2024. Retrieved 21 September 2025.
- ^ Cabato, Luisa (21 September 2025). "DPWH website defaced amid anti-corruption protests". Philippine Daily Inquirer. Retrieved 27 September 2025.
- ^ "SC says no data breach but dark web monitor claims records compromised". BusinessMirror. 28 August 2024. Retrieved 21 September 2025.
- ^ "SC assures security after data breach report". Daily Tribune. 28 August 2024. Retrieved 21 September 2025.