A threat actor using the handle Reve posted an auction offering full unauthorized access — WordPress admin panel, web shell, and database — to an unidentified US-based e-commerce shop. The site runs on WordPress with native Authorize.net payments and logged 952 orders between November 2025 and February 2026, with the actor claiming 80%+ unique orders. #Reve #WordPress
Keypoints
- Threat actor “Reve” listed an auction selling complete access to a US e-commerce WordPress site.
- The access offered includes WordPress admin panel credentials, a web shell, and database access.
- The victim is an unidentified US-based online store running WordPress with native Authorize.net payment integration.
- The shop recorded 952 orders from November 2025 to February 2026, and the actor claims over 80% unique orders.
- The incident is categorized as initial access on the open web with a medium severity rating.
DarkWebInformer.com Providing intel from some of the darkest places on the Dark Web & Clearnet. Breaches, Darknet Markets, Ransomware, Threat Alerts, & more!