In a cyber incedent a threat actor is allegedly selling full access and control over an African country’s court case system for 85 XMR (Monero). The offer, which demands escrow or middleman services for the transaction, includes comprehensive access to the court case database of every court in the country, encompassing the Supreme and High courts.
The access claimed by the threat actor includes the ability to create, edit, and delete court cases, covering everything from criminal to business cases. Additionally, they can create, update, and delete user accounts, affecting nearly 2,000 employees. The access also includes emails, usernames, and weakly hashed passwords of these government users, along with hundreds of thousands of active and closed court cases.
The threat actor states that they will not publicly disclose the exact country involved but are willing to share this information privately with reputable and interested members. They also express willingness to verify this access with a forum moderator due to the sensitive nature of the data and application involved. This claim, if true, represents a severe security breach with potentially far-reaching implications for the affected country’s judicial system and overall governance.