Threat Actor: IntelBroker | IntelBroker
Victim: Washington DC DMV and IAAI | Washington DC DMV and IAAI
Price: Available for purchase via XMR (Monero)
Exfiltrated Data Type: Complete source code and sensitive modules
Key Points :
- The breach includes data from 2018 to 2024.
- Notable projects include ASAP.TitleService, BluePayBuyerPaymentService, and CoreTrackStateMachine.
- The source code contains hardcoded credentials.
- The threat actor is open to using a middleman for the sale.
- Contact methods for potential buyers include Keybase and XMPP.
A dark web post was published by the threat actor “@IntelBroker”, claiming responsibility for breaching and obtaining the complete source code of both the Washington DC Department of Motor Vehicles (DMV) and IAAI.com, a major auction website. The post details the extent of the breach, which reportedly includes data ranging from 2018 to 2024.
The threat actor’s announcement lists a comprehensive set of projects, including sensitive modules such as “WashingtonDMV,” “AuctionCenter,” and “B2BAssignments.WebSvc.” Additionally, the source code reportedly contains hardcoded credentials.
Some of the notable projects mentioned include:
- ASAP.TitleService
- BluePayBuyerPaymentService
- CoreTrackStateMachine
- IAAI.OnYardDataSVC
- Legacy.NQ
- BRACAppTest
- ExpenseManagement
According to the post, the stolen data is available for purchase via XMR (Monero). The threat actor provided several contact methods for potential buyers, including Keybase and XMPP, and expressed openness to using a middleman to facilitate the sale.
The post IntelBroker Allegedly Breached Washington DC DMV and IAAI appeared first on Daily Dark Web.