A threat actor has announced the sale of unauthorized VPN access to an IT service management company operating in the United States and another unspecified country. The company reportedly has annual revenue exceeding $500 million. The asking price for this access is set at $5,000, with the possibility of negotiation.
Details of the Alleged Access:
- Price: $5,000 (negotiable)
- System Type: Device management
- Antivirus Presence: Not detected
- Credential Level: Network administrator
- Transaction Condition: Middleman accepted
According to the threat actor, the compromised access includes network administrator credentials, providing significant control over the company’s IT infrastructure. The absence of detected antivirus protection suggests potential vulnerabilities within the system.
This unauthorized access, if legitimate, could pose a serious threat to the company’s operations, potentially exposing sensitive data, disrupting services, and compromising client information. The sale of such access highlights the ongoing risks and challenges in securing corporate networks against cyber threats.
The inclusion of a middleman for the transaction indicates an effort to assure potential buyers of the legitimacy and security of the sale process. This announcement underscores the critical need for robust cybersecurity measures and vigilant monitoring to prevent unauthorized access and safeguard corporate assets.