A threat actor has recently emerged, purportedly offering unauthorized access to firewall VPNs and hosts on a large scale. The VPN access spans countries like the US, UK, and others, primarily targeting industries such as IT and telecom. With root privileges, these accesses encompass VPN, SSH, and shell functionalities, totaling 4,000 accesses. Prices start at $150,000, with incremental steps of $20,000 and a flash sale option at $400,000, exclusively conducted through a guarantor.
Furthermore, the same threat actor claims in another post to be selling access to a significant number of hosts, predominantly firewalls, with root access privileges. The package includes configuration files, code execution capabilities, and the ability to create new logins. Most hosts are situated in the US, EU (including the UK), and select Asian countries, primarily targeting the IT sector, with a notable presence in major investment banks and a prominent US telecom company. Pricing options vary, ranging from $249 to $599 per configuration file, with additional fees for specific features such as code execution. Negotiable prices apply, with a minimum host purchase requirement of 1,000 and a maximum availability of 4,000 hosts.
