📢 Unlock Exclusive Cyber Threat Intelligence
Powered by DarkWebInformer.com
Get foundational access to breach intelligence — track breaches, leaks, and threats in real-time with unfiltered screenshots and expert summaries.
A threat actor operating under the alias sc0rpic has listed unauthorized admin access to a British children’s e-commerce store built on WordPress. The listing appears in a known access marketplace and includes statistics about recent sales volumes, card usage rates, and auction terms for buyers.
📸 Note: Select screenshots are shown in this post.
Full claim URLs and high-resolution, unredacted screenshots are available exclusively via the private threat feeds for paid subscribers.
👉 Subscribe
🧾 Key Details
Field | Information |
---|---|
Victim Country | United Kingdom 🇬🇧 |
Industry | E-commerce & Online Stores |
Platform | WordPress |
Threat Actor | sc0rpic |
Category | Initial Access |
Severity | Medium |
Claim URL | exploit.in link |
Network | Open Web |
🛒 Target Overview
The victim is described as a British children’s clothing store running on WordPress. The threat actor provides the following operational data:
- Total orders (at time of post): 5,640
- Orders in May: 49
- Warrants in June: 67
- Orders in July: 92
- Card payments: Represent 30–35% of all transactions
🔓 Access Details & Sale Conditions
- Access Offered: Admin panel login and password
- Shell Access: Claimed to be filled “if possible”
- Auction Terms:
- Start: 400$
- Step: 50$
- Blitz (Buy Now): 700$
- Duration: 24 hours
- Payment: Redacted (Subscribe for unredacted screenshots)
- Autogarant: Used (paid by buyer)
📸 Screenshot

Unredacted and high-resolution versions are available to paid subscribers.
🧰 TTPs (MITRE Mapping)
Tactic | Technique ID | Technique Name |
---|---|---|
Initial Access | T1078 | Valid Accounts (Admin Panel Credential Sale) |
Persistence | T1505.003 | Server Software Component (Possible Shell Injection) |
Credential Access | T1556.001 | Credentials from Password Stores (Login Dump for Access) |
Collection | T1114 | Email Collection (Likely through Admin Panel) |
Exfiltration | T1041 | Exfiltration Over C2 Channel (if shell is installed) |
Note: Techniques are inferred based on the access level and threat actor's intent to provide shell capabilities.
🧠 Final Notes
This listing indicates a targeted breach of a live commercial platform serving UK-based customers. While no organization name was disclosed, the threat actor appears to have direct access to administrative tools and historical order data, posing risks for data exposure, financial fraud, or additional compromise.