A threat actor has allegedly put initial network access to Nike, the American multinational corporation, up for sale on a popular dark web forum. The seller claims to offer shell access with the highest level privileges, specifically “Root/Administrator,” to the sportswear giant’s systems. The asking price is listed as $5,000 USD, with the seller noting the price is negotiable and accepting payments in Monero (XMR) and Bitcoin (BTC).
Nike is a world-renowned designer and manufacturer of footwear, apparel, equipment, and accessories, with a reported revenue of $46 billion, making it a high-value target for cybercriminals. The post advertising the access specifies the geography as North America and mentions the access was obtained via a “Shell/Exploit.” As a form of proof, the threat actor included a screenshot that appears to show a scan result of a server running a potentially vulnerable version of OpenSSH, suggesting a possible entry point into the company’s network.
The sale of initial access is a critical component of the cybercrime ecosystem, often utilized by ransomware gangs and other malicious actors to gain a foothold within a target organization. Such access can be leveraged to escalate privileges, move laterally across the network, exfiltrate sensitive corporate data, and ultimately deploy ransomware. This alleged incident highlights the persistent and evolving threats that major global corporations face from Initial Access Brokers (IABs) operating on the dark web.
