An individual claiming to sell access to WEXโs SOAP API keys for the corporate payment system has emerged, posing a significant security threat. The attacker, โbigbandz,โ offers merchant account credentials with capabilities to view payments and issue transactions, raising concerns about potential fraud. #WEX #SOAPAPIKeys
Keypoints
- The threat actor โbigbandzโ is offering unauthorized access to WEXโs merchant API keys.
- The API grants visibility into all daily payments and the ability to issue payments and cards.
- The sale includes a bidding process with a starting bid of $500 and an auction ending after 24 hours.
- No Indicators of Compromise (IOCs) were disclosed by the threat actor.
- The incident highlights the risk of unauthorized access to financial service APIs in the software industry.
DarkWebInformer.com Providing intel from some of the darkest places on the Dark Web & Clearnet. Breaches, Darknet Markets, Ransomware, Threat Alerts, & more!