A threat actor has surfaced, claiming to sell unauthorized access to a vast array of companies, predominantly based in the United States. This alarming claim was made public through an announcement detailing the extensive range of access being offered.
According to the threat actor, they have breached a contracting company that collaborates with over 400 firms. The combined revenue of these companies exceeds $1 trillion, highlighting the significant economic impact potential of this breach. The unauthorized access spans multiple critical tools and platforms, including Jira, Bamboo, Bitbucket, GitHub, GitLab, SSH, SFTP, DA, Zabbix, AWS S3, AWS EC2, SVN, and Terraform.
The threat actor has stipulated that payment will be accepted only in Monero (XMR), a cryptocurrency known for its privacy features. Transactions are to be handled through an escrow service managed by a user named Aegis. Additionally, the seller has specified that they will only engage with buyers who possess a rank or reputation within the community, discouraging inexperienced or new users from initiating contact.
To establish credibility, the threat actor claims to have shared screenshots of their access in various forums and on Keybase, asserting that these can be verified by those who have seen them. This purported proof aims to reassure potential buyers of the authenticity and extent of the breach.
The announcement also provided examples of the financial magnitude of some of the affected companies, listing revenues of $67.6 billion, $197 billion, $42.3 billion, and $381.6 billion. These figures underscore the scale and potential impact of the unauthorized access being sold.
The sale of such extensive access poses significant risks to the security and operational integrity of the affected companies. It also highlights the critical need for robust cybersecurity measures to protect against such breaches and mitigate the potential damages.
The post Threat Actor Claims to Sell Unauthorized Access to Over 400 Companies with Combined Revenue Exceeding $1 Trillion appeared first on Daily Dark Web.