Threat Actor: Hacker | hacker
Victim: Organizations using SonicWALL SSL-VPN systems | SonicWALL SSL-VPN
Price: $1000
Exfiltrated Data Type: User cookies, login credentials, passwords, domain information, details related to Active Directory Rules
Additional Information:
- The exploit allows unauthorized access to sensitive information in SonicWALL SSL-VPN systems.
- The attacker can bypass two-factor authentication (2FA) and access records from the RADIUS base within SonicWALL.
- Potential access to user cookies, login credentials, passwords, domain information, and details related to Active Directory Rules.
- The hacker is offering bonus items with the purchase, including dorks for IP search and a list of IP addresses.
The hacker’s claims pose a significant threat to organizations using SonicWALL SSL-VPN systems.
A hacker has put up for sale an exploit targeting SonicWALL SSL-VPN systems, claiming it can provide unauthorized access to a wealth of sensitive information. Priced at $1000, the exploit allegedly allows the attacker to bypass two-factor authentication (2FA) and access records from the RADIUS base within SonicWALL.
The information available through this exploit announced includes user cookies, login credentials, passwords, domain information, and details related to Active Directory Rules. This level of access could potentially enable an attacker to compromise entire networks and obtain critical data.
As an additional incentive, the seller is offering bonus items with the purchase:
- Dorks for IP search
- A list of IP addresses
The hacker’s claims, if true, pose a significant threat to organizations using SonicWALL SSL-VPN systems.
Original Source: https://dailydarkweb.net/sonicwall-ssl-vpn-exploit-for-sale-claims-to-bypass-2fa-and-access-sensitive-data/