Dark Web Informer - Cyber Threat Intelligence

A Threat Actor is Selling Unauthorized Access to 70+ POS Machines in the USA


Quick Facts

📅 Date: 2025-01-21
🚨 Title: Alleged Sale of Unauthorized Access to 70+ POS Machines in the USA
🛡️ Victim Country: USA
🏭 Victim Industry: Retail & Point-of-Sale Systems
🏢 Victim Organization: N/A
🌐 Victim Site: N/A
📜 Category: Initial Access Sale
🔗 Claim: https://forum.exploit.in/topic/253014/
🕵️‍♂️ Threat Actor: nixploiter
🌍 Network: Openweb



Description

The threat actor, operating under the alias “nixploiter,” has posted a listing on an underground forum, offering unauthorized administrative access to more than 70 point-of-sale (POS) machines in the USA. These systems are reportedly installed in retail environments and accessed through Remote Monitoring and Management (RMM) software.

The listing advertises full administrative privileges, remote control, and root shell capabilities on systems running Windows 7, 8, 10, and 11. The auction for this access starts at $5,000, with increments of $3,000 and a “blitz” price of $40,000.


Compromised Data

The unauthorized access provides control over the following:

  • 70+ POS machines in active use.
  • Remote monitoring and administrative functions, including root shell access.
  • Potential customer and payment card data stored or processed on these machines.

Implications

For Affected Organizations:

  1. Customer Data Theft: Exposed payment card information could lead to financial fraud.
  2. Operational Disruption: Unauthorized access could interrupt retail operations.
  3. Reputational Harm: Customers may lose trust in affected businesses.

For Customers:

  1. Financial Fraud Risk: Payment details processed through these systems may be compromised.
  2. Identity Theft: Exposure of additional personal information could facilitate fraud.

Recommendations

For Retail Organizations:

  1. Immediate Incident Response: Identify and disable compromised RMM access points.
  2. Conduct a Security Audit: Review POS systems for vulnerabilities and apply necessary patches.
  3. Enforce Multi-Factor Authentication: Strengthen access control to remote tools.
  4. Network Monitoring: Enhance real-time monitoring for unusual activities.

For Customers:

  1. Monitor your financial accounts for unauthorized transactions.
  2. Immediately report suspicious activity to your bank or credit card provider.
  3. Be cautious of phishing or fraud attempts targeting your personal information.
