A threat actor has allegedly listed server access for an Italian technology company for sale on a cybercrime forum. The compromised firm is described as a provider of digital solutions for the healthcare industry with reported revenues of approximately $5 million. The nature of the company’s business, dealing with healthcare technology, raises significant concerns about the potential risk to sensitive systems and data. The threat originates from a post on a known forum where a user is attempting to monetize this unauthorized access.
According to the seller, the breach provides extensive control over one of the company’s servers. The listing is supported by screenshots that appear to show a Windows Server manager interface and the results of an internal network scan. These images suggest the compromised network is a small workgroup of 13 devices, including workstations and servers. The actor is allegedly selling local administrator privileges combined with remote access through AnyDesk, offering a direct and persistent entry point into the company’s network for a relatively small price.
The types of access allegedly for sale include:
- Local Administrator access to a company server
- AnyDesk remote control access
- Entry into an internal workgroup network containing multiple devices
