A dark web actor has allegedly offered network access for sale to corporations in multiple countries, including the US, Canada, UK, France, Germany, and South Korea. Ransomware groups frequently exploit this type of access to infiltrate and hold corporate systems hostage.
Key Details:
- Targeted Corporations: The actor claims access to corporate networks with revenues ranging from $5 million to over $1 billion.
- Access Type: The sale involves reverse SOCKS5 access, which routes traffic through compromised machines, making it difficult to trace.
- Geographical Focus: Targeted corporations are in the US, Canada, UK, France, Germany, and South Korea, excluding the CIS region.
- Pricing: Prices vary based on the corporation’s size and revenue:
- $400 for corporations with $5 million in revenue.
- $900 for medium-sized corporations with revenues between $6 million and $30 million.
- $1,400 for large corporations with revenues between $50 million and $1 billion.
- $3,000 for corporations with revenues exceeding $1 billion.
Ransomware groups actively seek this type of network access, using it as an entry point for their attacks on large corporations. The ongoing sale of compromised network access on underground forums underscores the persistent threat to global businesses.
