A threat actor known as ITSUKI is selling access to multiple government GitLab servers across Bolivia, Malawi, Brazil, and Indonesia. The compromised servers contain sensitive data including source code, secrets, private keys, and backups. #ITSUKI #GitLabSecurity
Keypoints
- The threat actor ITSUKI advertises access to government GitLab servers in four countries.
- The compromised repositories include source code, CI/CD secrets, and internal documentation.
- Access to private keys and database backups is also included in the sale offer.
- ITSUKI claims that no samples of the data will be shared to protect the integrity of the accesses.
- The sale was posted on DarkForums, indicating a dark web marketplace for sensitive government data.
DarkWebInformer.com Providing intel from some of the darkest places on the Dark Web & Clearnet. Breaches, Darknet Markets, Ransomware, Threat Alerts, & more!