🔗 DarkWebInformer.com: New Threat Alert
📅 Date: 2024-09-20 00:16:52.415906+01:00
🚨 Title: Alleged sale of RDP access to an unidentified U.S.-based company
🛡️ Victim Countries: USA
🏭 Victim Industries:
🏢 Victim Organizations:
🌐 Victim Sites:
📜 Category: Initial Access
🔗 URL: https://forum.exploit.in/topic/247576/
🕵️♂️ Threat Actors: sudo
🌍 Network: openweb
📝 Content: The threat actor claims to be selling user access via RDP to a U.S.-based company with an annual income of $120 million. The compromised access includes local admin privileges, while the environment is secured by Webroot antivirus. The domain consists of computers running Windows Server 2012, with CMD and PowerShell disabled.
Screenshots:
