In a concerning development, a threat actor has surfaced, asserting the availability of unauthorized access to the RDP of a prominent Iranian Pipeline/Petrol / Chemicals / Logistics Company. The threat actor does not provide information about the company’s valuation. However, it is claimed that access to the accounts of 35+ domain users can be obtained through the entered device, It is said that with these accesses, company emails can be used. Additionally, access to 25+ hosts can be gained.
This access facilitates entry into Windows systems through a RDP, providing authorization of the domain admin system. Furthermore, the threat actor has established price for this illicit access at $5000.