Skip to content Dark Web Informer - Cyber Threat Intelligence

Alleged Sale of Zero-Day Exploit Targeting BUKTS Gas Pump Admin Panels

📢 Unlock Exclusive Cyber Threat Intelligence

Powered by DarkWebInformer.com

Get foundational access to breach intelligence — track breaches, leaks, and threats in real-time with unfiltered screenshots and expert summaries.

📚
4,000+ Blog Posts: Continuously updated with breach reports and threat summaries.
📢
26,000+ Alerts: Access detailed breach, leak, and DDoS alerts updated daily.
📤
Unredacted Threat Feed: Track breaches and leaks in real-time with JSON export support.
🔍
Leak & Breach Coverage: Get direct access to breach posts and claims.
📡
Snippets & Quick Facts: Receive concise summaries of DDoS, defacements, and breaches.
🌐
Access 500+ Onion and Clearnet Resources: Gain verified access to a growing index of dark web sites and services.
📊
Real-Time Uptime Dashboard: Monitor live status of 500+ dark web and clearnet sites.
🤖
WhiteIntel.io API Access: Access an integrated API, in breach blog posts.
🖼️
High-Resolution Images: View uncompressed, watermark-free breach evidence.
🔑
Keyword Notifications: Receive browser alerts when monitored keywords are triggered.
👥
Telegram Channels: Stay in the know with access to different Telegram channels.
📨
PGP Contact Details: Access verified PGPs for ransomware and threat groups.

About the Exploit

A forum user going by SebastianDAlex has claimed to be selling a zero-day exploit that targets BUKTS gas pumps equipped with online Human-Machine Interfaces (HMI). According to the post, the exploit allows attackers to obtain credentials needed to access the gas pump’s admin panel, effectively giving them full remote control over the systems.

The threat actor claims that over 50 publicly accessible devices are currently vulnerable, and suggests that privately hosted versions of the same devices are also exposed.


⚠️ Disclaimer

Dark Web Informer shares this report for cybersecurity awareness and research purposes only. We do not endorse or support the unauthorized exploitation of industrial control systems (ICS) or SCADA devices.


📌 Overview of the Claim

AttributeDetails
Price$40,000 USD
Devices AffectedAll BUKTS gas pumps with online HMI
Potential DamageInventory manipulation, service shutdown, full admin access, game with settings
DeliveryAccess credentials for the admin panel

🧰 Claimed Capabilities

  • Obtain credentials for the BUKTS gas pump admin interface
  • Full access to inventory controls
  • Ability to shut down services remotely
  • Modify configuration and system settings
  • Control over device operations with no user interaction required

📸 Screenshot Preview


📢 Threat Actor’s Notes

  • Escrow is available through the forum to facilitate transactions
  • Contact: Forum PM or Telegram (@GhostSec420)
  • Additional images and technical details are available upon request via private message

🔗 Claim Post

https://xss.is/threads/142070/


🛡️ Security Implications

Potential Risks

  • Compromise of gas station infrastructure
  • Disruption of fuel services or manipulation of pump settings
  • Inventory tampering or financial fraud
  • Use in hacktivism, cybercrime, or ransomware operations targeting ICS environments
  • Immediately audit and restrict online HMI access
  • Deploy network segmentation for industrial controls
  • Monitor for unauthorized login attempts or abnormal configuration changes
  • Apply security patches and update credentials if applicable

💡 Final Thoughts

Attacks on critical infrastructure are becoming increasingly commoditized in underground markets. If this zero-day exploit is legitimate, it represents a serious threat to industrial control systems (ICS) and highlights the urgent need for improved security around Internet-exposed HMI devices.

Latest