Threat Actor Sells Access to U.S. Financial Firm’s Network

Threat Actor: Unknown
Victim: U.S.-based financial and trading company
Price: Negotiable
Exfiltrated Data Type: Internal network access, passwords, Active Directory access

Key Points:

  • The threat actor claims to have unauthorized access to a U.S. financial firm with an estimated annual revenue of $100 million.
  • Backdoors have allegedly been established on several company websites, allowing potential entry into internal systems.
  • The offer includes passwords to internal machines and access to an Active Directory machine with local administrator privileges.
  • The actor is open to offers via a dark web forum or encrypted communication.
  • Communication can be initiated using a provided Session ID and TOX ID.

A threat actor has recently posted an offer on a dark web forum, claiming to possess unauthorized access to the internal network of a U.S.-based financial and trading company with an estimated annual revenue of $100 million.

The individual claims to have established backdoors on several of the company’s websites, which could potentially serve as entry points into the company’s internal systems. Additionally, the threat actor is offering passwords to internal machines and access to an Active Directory (AD) machine with local administrator privileges. The post suggests that the access could be used to deploy ransomware or engage in other malicious activities.

The actor, who appears to be uncertain about the value of the access, is soliciting offers through the dark web forum or via encrypted communication channels.

The threat actor provided a Session ID and a TOX ID for interested parties to initiate communication.

The post Threat Actor Offers Access to U.S. Financial Firm’s Network appeared first on Daily Dark Web.