A threat actor named “timcookapple” is offering vast quantities of compromised access credentials, including webshells, WHMCS hosting, and cPanel control panels, impacting over 50,000 domains worldwide. These supplies are targeted at malicious activities such as SEO manipulation and cyber attacks, with prices ranging from thousands of dollars in cryptocurrency. #timcookapple #webshells #WHMCS #cPanel #compromiseddomains
Keypoints
- The threat actor “timcookapple” is selling large collections of stolen credentials affecting global domains.
- Over 10,869 webshells, nearly 6,000 WHMCS server accesses, and 54,827 cPanel accounts are available for purchase.
- The compromised domains include high-traffic and authoritative sites across various TLDs and regions.
- Pricing varies, with minimum purchases costing several thousand dollars paid in BTC or USDT.
- Contact for purchases is made via Telegram, and the sales are part of a critical initial access threat campaign.
DarkWebInformer.com Providing intel from some of the darkest places on the Dark Web & Clearnet. Breaches, Darknet Markets, Ransomware, Threat Alerts, & more!