A threat actor is allegedly selling initial network access to a major telecommunications company based in Argentina 🇦🇷. In a post on a dark web forum, the seller claims the victim company has an annual revenue of $1.5 billion, marking it as a significant entity within the nation’s critical infrastructure. The type of access being sold is described as a “shell,” which typically grants command-line access to a server, providing a powerful foothold within the victim’s network.
The implications of this sale could be severe, as the threat actor boasts of $133 GB of data residing within the compromised environment and highlights “pivoting possibilities.” This suggests that a potential buyer could leverage the initial access to move deeper into the company’s network, potentially leading to a larger-scale data breach, ransomware deployment, or espionage. The seller has made the price negotiable and is demanding payment in Monero (XMR), a cryptocurrency known for its privacy-enhancing features. The specific contents of the data have not been detailed in the post.
