A threat actor has unveiled “Hell Paradise,” an online platform offering access to vulnerable government websites and associated data, organized by country. The actor has categorized vulnerabilities and data by country, with an initial listing of 49 nations. Currently, there are over 1000 vulnerable government sites available, categorized into three groups: Vulnerabilities, Exposed Git repositories, and Exposed Environment files.
Key features of Hell Paradise include:
– Limited Access: Users can view only two vulnerable sites per day to prevent content abuse.
– Focus on Critical Vulnerabilities: The platform highlights Critical and High Severity vulnerabilities such as Remote Code Execution (RCE), Local File Inclusion (LFI), and SQL injection (SQLi).
– Wide Coverage: The platform covers 49 different countries, with a database of over 1000 vulnerable government sites.
– Registration Fee: A $50 registration fee is required to prevent spam and abuse, ensuring responsible usage of the platform.
– Privacy Measures: The platform does not store user data, only requiring an email address for registration, with the recommendation to use the secure cock.li email service.
