IntelBroker, a notorious threat actor, has posted an offer on a forum, claiming to sell unauthorized access to critical repositories and social accounts of a well-known programming language. The offered access includes the language’s NPM (Node Package Manager) and GitHub accounts, encompassing all private repositories.
The seller claims that with this access, buyers can push commits, clone repositories, and more. Additionally, the access package includes control over the language’s Twitter account, which reportedly has around 100,000 followers. The asking price for this full suite of access is set at $20,000, payable in Monero (XMR), a privacy-focused cryptocurrency.
This access sale could lead to unauthorized code changes, potential malware distribution, and significant reputational damage to the programming language’s ecosystem.