A threat actor going by bobby_killa is auctioning full WordPress admin access to an unnamed Spanish e-commerce site that uses the REDSYS payment gateway and handles roughly 1,150–1,200 monthly card orders. The listing, posted on a Russian-language forum with a $1,000 starting bid and a $3,000 blitz price, creates high risk for payment skimming, checkout manipulation, and fraudulent transactions. #bobby_killa #REDSYS
Keypoints
- Threat actor bobby_killa is auctioning full WordPress admin access to an unnamed Spanish e-commerce site.
- The site integrates the REDSYS payment gateway and records approximately 1,150–1,200 card orders per month.
- The auction lists a $1,000 starting bid, $100 bid increments, a $3,000 blitz price, and a 12-hour duration on a Russian-language forum.
- Buyer with admin access could inject payment skimmers, modify checkout pages, access logs and customer order data, or use the merchant account for fraud.
- The listing represents a financially motivated initial-access sale targeting REDSYS-integrated retailers rather than a disclosed data breach.
DarkWebInformer.com Providing intel from some of the darkest places on the Dark Web & Clearnet. Breaches, Darknet Markets, Ransomware, Threat Alerts, & more!