In a recent post on a dark web forum, a threat actor has advertised full network access to a real estate and construction company in Brazil, boasting more than 1,500 employees and annual revenue exceeding $400 million. The access, which includes control over critical systems, is being offered for sale for $15,000.
According to the post, the threat actor claims to have compromised various network elements, including command-and-control (C2) infrastructure, shell access, and cloud services. The offer extends to 1,100 devices, with full administrative privileges over network forests, domain administration, and enterprise-level control. Additionally, the listing includes access to the company’s antivirus (AV) management panel, providing potential buyers with further capabilities to disable security measures.
The threat actor is also offering a discounted option for ransomware operators. For $5,000, threat actors can purchase the network access, with the stipulation that 30% of any ransom payment be shared with the seller. The post indicates that transactions will be handled through BF escrow.
