A threat actor is reportedly selling unauthorized administrative access to a SolarWinds Orion account used by a major telecommunications company, revenue $350 Billion, in Latin America. This access allegedly manages around 200 customers, including banks, trust funds, and petroleum stations.
The access being sold comes with full admin privileges, enabling the buyer to add, remove, and modify users, as well as adjust LDAP settings and perform any other administrative tasks. The scope of potential damage is significant, considering the sensitive nature of the clients involved.
