A threat actor identified as INT3X is selling a database from mutreasury, the payment gateway used by more than 28 Egyptian universities, exposing administrative credentials, ERP API tokens, and student payment transaction records. The seller also claims to be offering a zero-day unauthenticated-access vulnerability that enables persistence and real-time extraction of data from additional universities connected to the same infrastructure. #mutreasury #INT3X #Fawry #eFinance #Khales
Keypoints
- INT3X is selling data stolen from mutreasury, Egypt’s centralized university payment gateway.
- The exposed database covers more than 28 Egyptian universities, with 4 shown in a public preview.
- Administrative credentials and internal employee access data were included in the leak.
- ERP API tokens and live integration URLs were exposed, linking mutreasury to university systems.
- The seller is also marketing a zero-day exploit for unauthenticated access and ongoing data extraction.
DarkWebInformer.com Providing intel from some of the darkest places on the Dark Web & Clearnet. Breaches, Darknet Markets, Ransomware, Threat Alerts, & more!