Threat Actor: IntelBroker | IntelBroker
Victim: Europol | Europol
Price: $20,000 in cryptocurrency
Exfiltrated Data Type: FOUO (For Official Use Only) and other classified data, Alliance employees, files related to recon and guidelines
Additional Information :
- The hacker announced the hack of Europol on the cybercrime forum Breach.
- The compromised data includes FOUO and other classified data, such as Alliance employees, files related to recon and guidelines.
- The security breach occurred in May 2024.
- The impacted agencies are CCSE, EC3, the Europol Expert Platform, the Law Enforcement Form, and the SIRIUS system.
- SIRIUS is an EU-funded project that helps law enforcement and judicial authorities access cross-border electronic evidence.
- The hacker accepts only payments in Monero cryptocurrency.
- The same threat actor also announced the sale of access to a major cybersecurity company for $20,000 in cryptocurrency.
- The compromised security firm is ZScaler.
- The access being sold includes confidential and highly critical logs packed with credentials.
- The sale is covered by escrow, and the seller will only sell to reputable forum members who provide proof of funds.
The threat actor IntelBroker announced on the cybercrime forum Breach the hack of the European law enforcement agency Europol.
The hacker said that the compromised data includes FOUO (For Official Use Only) and other classified data, such as Alliance employees, files related to recon and guidelines
IntelBroker added that the security breach occurred in May 2024, he said that impacted agencies are the CCSE (Joint Center for European Security), EC3, the Europol Expert Platform, the Law Enforcement Form, and the SIRIUS system. SIRIUS is an EU-funded project that helps law enforcement and judicial authorities access cross-border electronic evidence in the context of criminal investigations and proceedings.
“Hello BreachForums Community,
Today, I am selling the entire data breach belonging to Europol. Thanks for reading, enjoy!” announced the hacker. “In May 2024, Europol suffered a data breach and lead to the exposure of FOUO and classified data.”
The seller accepts only payments in Monero cryptocurrency.
This week IntelBroker also announced on a Breach Forums the sale of the access to “one of the largest cyber security companies.” IntelBroker did not reveal the name of the compromised security firm, but the threat actor announced in the BF ShoutBot that the company is ZScaler.
IntelBroker has offered to sell “confidential and highly critical logs packed with credentials”, including SMTP access, PAuth access, and SSL passkeys and certificates, for a total price of $20,000 in cryptocurrency.
“Hello BreachForums Community. Today Im sellng access to one of the largest cyber security companies. Revenue: $1.8 Billion Access includes: Confidential and highly critical logs packed with credentials SNITP Access Muth Pointer Auth Access SSL Passkeys S. SSL Certificates some others (will be on contact)” reads the announcement published by IntelBroker who is demanding $20K in XMR or ETH.
The seller added that the sale is covered by escrow, he will sell the access only to reputable forum members that will provide proof of funds.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, cybercrime)
Original Source: https://securityaffairs.com/163003/cyber-crime/intelbroker-claims-europol-data-breach.html