Skip to content Dark Web Informer
Support
Sign In Subscribe
Initial Access

Alleged sale of unauthorized Forti web admin access to unidentified organizations

 and  Dark Web Informer
4 min read
Alleged sale of unauthorized Forti web admin access to unidentified organizations | Dark Web Informer
Dark Web Informer - Cyber Threat Intelligence
BREACH ALERT

Alleged sale of unauthorized Forti web admin access to unidentified organization

📅 December 25, 2025 - 7:34:39 PM
🌍 Unknown
🏢 Unknown
Affected Organization
Unknown
Website
Unknown
Threat Actor
SantaAd

Incident Overview

The threat actor "SantaAd" claims to be selling unauthorized Fortinet web admin access to over 3,500 organizations. The listing was posted on an open web cybercrime forum on December 25, 2025.

According to the threat actor's advertisement, the offering includes:

  • Fortinet web admin access valid as of December 24, 2024
  • Access to 3,500+ admin panels
  • Mix of TIR1 priority targets

The auction pricing structure is listed as follows:

  • Starting bid: $20,000
  • Bid increment: $5,000
  • Blitz (instant purchase) price: $35,000

Image Preview

Screenshot of Forti web admin access sale listing
🔒

Unlock Full Breach Intelligence

Premium subscribers gain access to PLUS, PRO, or ELITE features, including breach claim URLs and fully unredacted threat and ransomware feeds with no blur, along with leak and breach coverage, 500+ onion and clearnet resources, uptime monitoring, high-resolution watermark-free images, and more.

Subscribe Now Subscribe with Crypto
🔬

API Access for Researchers & Security Teams

SOC teams, researchers, and security professionals can integrate Dark Web Informer's threat intelligence directly into their workflows via API. Access real-time breach data, threat feeds, and monitoring capabilities programmatically.

Learn About API Access

Dark Web Informer © 2025 | Cyber Threat Intelligence | DarkWebInformer.com

Related

Latest