Threat Actor Claims to Sell Unauthorized Access to Over 400 Companies with Combined Revenue Exceeding $1 Trillion

Threat Actor: Unknown
Victim: Over 400 companies
Price: Not specified
Exfiltrated Data Type: Not specified

Additional Information:

  • The threat actor claims to have unauthorized access to over 400 companies.
  • The combined revenue of the affected companies exceeds $1 trillion.
  • The claimed access covers critical tools and platforms such as Jira, Bamboo, Bitbucket, GitHub, GitLab, SSH, SFTP, DA, Zabbix, AWS S3, AWS EC2, SVN, and Terraform.
  • Payment is only accepted in Monero (XMR) cryptocurrency.
  • Transactions are handled through an escrow service managed by a user named Aegis.
  • The threat actor only engages with buyers who possess a rank or reputation within the community.
  • Screenshots of the access have been shared in various forums and on Keybase for verification.
  • Examples of affected companies’ revenues include $67.6 billion, $197 billion, $42.3 billion, and $381.6 billion.
  • The sale of such extensive access poses significant risks to the security and operational integrity of the affected companies.
  • Robust cybersecurity measures are necessary to protect against such breaches and mitigate potential damages.

A threat actor has surfaced, claiming to sell unauthorized access to a vast array of companies, predominantly based in the United States. This alarming claim was made public through an announcement detailing the extensive range of access being offered.

According to the threat actor, they have breached a contracting company that collaborates with over 400 firms. The combined revenue of these companies exceeds $1 trillion, which indicates the potential economic impact of the breach. The unauthorized access is said to span multiple critical tools and platforms, including Jira, Bamboo, Bitbucket, GitHub, GitLab, SSH, SFTP, DA, Zabbix, AWS S3, AWS EC2, SVN, and Terraform.

The threat actor has stipulated that payment will be accepted only in Monero (XMR), a cryptocurrency known for its privacy features. Transactions are to be handled through an escrow service managed by a user named Aegis. Additionally, the seller has specified that they will only engage with buyers who possess a rank or reputation within the community, discouraging inexperienced or new users from initiating contact.

To establish credibility, the threat actor claims to have shared screenshots of their access in various forums and on Keybase, asserting that these can be verified by those who have seen them. This purported proof aims to reassure potential buyers of the authenticity and extent of the breach.

The announcement also provided examples of the financial magnitude of some of the affected companies, listing revenues of $67.6 billion, $197 billion, $42.3 billion, and $381.6 billion. These figures underscore the scale and potential impact of the unauthorized access being sold.

The sale of such extensive access poses significant risks to the security and operational integrity of the affected companies. It also highlights the critical need for robust cybersecurity measures to protect against such breaches and mitigate the potential damages.

Original Source: https://dailydarkweb.net/threat-actor-claims-to-sell-unauthorized-access-to-over-400-companies-with-combined-revenue-exceeding-1-trillion/