Skip to content Dark Web Informer - Cyber Threat Intelligence

Alleged Sale of Unauthorized Access to UK-Based Children’s Clothing Store

📢 Unlock Exclusive Cyber Threat Intelligence

Powered by DarkWebInformer.com

Get foundational access to breach intelligence — track breaches, leaks, and threats in real-time with unfiltered screenshots and expert summaries.

📚
4,000+ Blog Posts: Continuously updated with breach reports and threat summaries.
📢
26,000+ Alerts: Access detailed breach, leak, and DDoS alerts updated daily.
📤
Unredacted Threat Feed: Track breaches and leaks in real-time with JSON export support.
🔍
Leak & Breach Coverage: Get direct access to breach posts and claims.
📡
Snippets & Quick Facts: Receive concise summaries of DDoS, defacements, and breaches.
🌐
Access 500+ Onion and Clearnet Resources: Gain verified access to a growing index of dark web sites and services.
📊
Real-Time Uptime Dashboard: Monitor live status of 500+ dark web and clearnet sites.
🤖
WhiteIntel.io API Access: Access an integrated API, in breach blog posts.
🖼️
High-Resolution Images: View uncompressed, watermark-free breach evidence.
🔑
Keyword Notifications: Receive browser alerts when monitored keywords are triggered.
👥
Telegram Channels: Stay in the know with access to different Telegram channels.
📨
PGP Contact Details: Access verified PGPs for ransomware and threat groups.

A threat actor operating under the alias sc0rpic has listed unauthorized admin access to a British children’s e-commerce store built on WordPress. The listing appears in a known access marketplace and includes statistics about recent sales volumes, card usage rates, and auction terms for buyers.

📸 Note: Select screenshots are shown in this post.
Full claim URLs and high-resolution, unredacted screenshots are available exclusively via the private threat feeds for paid subscribers.
👉 Subscribe

🧾 Key Details

FieldInformation
Victim CountryUnited Kingdom 🇬🇧
IndustryE-commerce & Online Stores
PlatformWordPress
Threat Actorsc0rpic
CategoryInitial Access
SeverityMedium
Claim URLexploit.in link
NetworkOpen Web

🛒 Target Overview

The victim is described as a British children’s clothing store running on WordPress. The threat actor provides the following operational data:

  • Total orders (at time of post): 5,640
  • Orders in May: 49
  • Warrants in June: 67
  • Orders in July: 92
  • Card payments: Represent 30–35% of all transactions

🔓 Access Details & Sale Conditions

  • Access Offered: Admin panel login and password
  • Shell Access: Claimed to be filled “if possible”
  • Auction Terms:
    • Start: 400$
    • Step: 50$
    • Blitz (Buy Now): 700$
    • Duration: 24 hours
  • Payment: Redacted (Subscribe for unredacted screenshots)
  • Autogarant: Used (paid by buyer)

📸 Screenshot

Unredacted and high-resolution versions are available to paid subscribers.


🧰 TTPs (MITRE Mapping)

TacticTechnique IDTechnique Name
Initial AccessT1078Valid Accounts (Admin Panel Credential Sale)
PersistenceT1505.003Server Software Component (Possible Shell Injection)
Credential AccessT1556.001Credentials from Password Stores (Login Dump for Access)
CollectionT1114Email Collection (Likely through Admin Panel)
ExfiltrationT1041Exfiltration Over C2 Channel (if shell is installed)

Note: Techniques are inferred based on the access level and threat actor's intent to provide shell capabilities.


🧠 Final Notes

This listing indicates a targeted breach of a live commercial platform serving UK-based customers. While no organization name was disclosed, the threat actor appears to have direct access to administrative tools and historical order data, posing risks for data exposure, financial fraud, or additional compromise.

Latest