Threat Actor Selling Root Access to South Korean Government Server With Lateral Movement to 42 Internal Hosts

Threat actor zSenior is offering root-level access to a South Korean government server on a *.go.kr domain, claiming completed privilege escalation and straightforward pivoting to 42 internal hosts. The actor also reports PostgreSQL superuser access to an internal host (192.168.0.147) that contains PII and may allow RCE, and is accepting offers with proof and escrow.

Key Points

  • zSenior is selling root-level access to a South Korean government server under the *.go.kr domain.
  • The actor claims full privilege escalation and the ability to pivot to 42 internal live hosts.
  • PostgreSQL superuser access was obtained on an internal server (192.168.0.147) reportedly containing PII.
  • The compromised server runs CentOS and has been online for 1,642 days, increasing exposure risk.
  • The listing accepts offers and escrow, offers proof on request, and specifies the sale is for access only.

Read More: https://darkwebinformer.com/threat-actor-selling-root-access-to-south-korean-government-server-with-lateral-movement-to-42-internal-hosts/