A threat actor claims to be selling privileged network access to a major Chinese cloud provider. The victim is described as a large enterprise with worldwide partners and an annual revenue of approximately $12 billion. The actor is offering Remote Code Execution (RCE) capabilities, indicating a deep level of compromise within the company’s infrastructure.
According to the actor, the offering includes root-level administrative privileges on the provider’s Linux-based systems. The initial asking price for this access is listed at $1,200. The post further claims that this incident is part of a larger campaign, stating that 12 telecommunication and IT providers across Asia have been successfully compromised and their access will be sold off individually.
