Threat Actor: Unknown | Unknown
Victim: Prominent IT service provider and cloud operator in France | Prominent IT service provider and cloud operator in France
Price: Not mentioned
Exfiltrated Data Type: Not mentioned
Additional Information :
- The threat actor is offering domain admin access to a prominent IT service provider and cloud operator in France.
- The breach allegedly includes access to over 50 terabytes of data and 673 entries in the Remote Desktop Manager.
- Some of the entries are connected to different domains.
- The targeted company has a revenue of $18 million on Zoominfo.
- The system is protected by WithSecure Elements Agent, which can be turned off if necessary.
- The type of access provided is through Remote Desktop Protocol (RDP) with domain admin privileges.
- The seller is open to negotiating the price for this unauthorized access.
In a cybersecurity incident, domain admin access to a prominent IT service provider and cloud operator in France is being offered for sale. The seller claims to have gained extensive control over the company’s network and is seeking a fair price for this high-level access.
The targeted company has a revenue of $18 million on Zoominfo. Allegedly, the breach includes access to over 50 terabytes of data and 673 entries in the Remote Desktop Manager, some of which are connected to different domains. There are 35 hosts within the domain, and the system is protected by WithSecure Elements Agent, which can be turned off if necessary. The type of access provided is through Remote Desktop Protocol (RDP) with domain admin privileges. The seller is open to negotiating the price for this unauthorized access.
Original Source: https://dailydarkweb.net/threat-actor-allegedly-offers-unauthorized-rdp-access-to-a-french-it-service-provider/