Threat Actor: Unknown | Unknown
Victim: Apple, Samsung, and 100+ Companies | Apple, Samsung, and 100+ Companies
Price: $14,500 (initially) + $3,000 (demonstration)
Exfiltrated Data Type: Customer information from purchases (billing and shipping addresses, serial numbers, company names, account numbers, phone numbers, tracking numbers)
Additional Information:
- The threat actor claims to have access to customer data from purchases made by Apple, Samsung, and 100+ companies.
- The data includes billing and shipping addresses, serial numbers, company names, account numbers, phone numbers, and tracking numbers.
- The threat actor created a bot to download the data daily for the past year, accessing between 500 to 5000 orders within the last 12 hours.
- The package for sale includes the downloaded data, the exploit used, and the Python bot created.
- The threat actor is unsure of pricing and is open to negotiations.
- Initially, they are asking for $14,500, but negotiations are welcome.
- An additional $3,000 is required to demonstrate the bug used to download the order receipts.
Allegedly, a threat actor has put up for sale an exploit that provides customer information from purchases made by 100+ companies (such as Apple, Hp, Huawei, Samsung, Lenovo, Dell, and many others popular companies). The data includes billing and shipping addresses, serial numbers, company names, account numbers, phone numbers, tracking numbers (all order and account information).
They claims having created a bot to download results daily for the past year, accessing between 500 to 5000 orders within the last 12 hours. The package for sale includes the downloaded data, the exploit used, and the Python bot created. However, they haven’t sold such items before and are unsure of pricing. Initially, they’re asking for $14,500, but negotiations are welcome.
Additionally, they’re asking for an extra $3,000 to demonstrate the bug used to download the order receipts.
Original Source: https://dailydarkweb.net/threat-actor-exploit-for-sale-claims-access-to-customer-data-from-apple-samsung-and-100-companies/