

🔎 Quick Facts

🔗 DarkWebInformer.com - Cyber Threat Intelligence
📅 Date: 2025-02-21 03:43:30
🚨 Title: Alleged Sale of Access to a DNS Controller
🛡️ Victim Country: Unspecified
🏭 Victim Industry: Unspecified
🏢 Victim Organization: Unspecified
🌐 Victim Site: Not Provided
📜 Category: Alert
🔗 Claim: https://breachforums.st/Thread-8500-DNS-Controller-62-Domains-HIGH-TRAFFIC
🕵️‍♂️ Threat Actor: asm
🌍 Network: OpenWeb


📝 What Happened?

A threat actor identified as asm has posted a DNS controller access listing for sale on a cybercrime forum. The listing claims to provide administrative control over 62 domains with high traffic volumes, estimated at 24 million monthly visitors, primarily from Eastern regions.

The advertised access enables full control over DNS records (TXT, A, AAAA) and mail configurations, making it a highly valuable asset for cybercriminals.

Potential malicious use cases include:

  • Phishing attacks – Redirect users to fraudulent login pages.
  • Account interception – Manipulate mail and authentication records for credential hijacking.
  • Malware distribution – Inject malicious redirects or exploit kits.
  • SEO manipulation – Influence search rankings for illicit purposes.
  • Corporate sign-up fraud – Abuse domain credibility for fraudulent transactions.

The seller is offering the access for $8,500 in XMR (Monero) and is willing to use escrow services.


📊 Compromised Access Details

  • Type of Access: Full control over DNS records of 62 domains.
  • Traffic Volume: Estimated 24M monthly visitors.
  • Primary Industry: Entertainment.
  • Potential Impact: Phishing, malware distribution, fraud.

🛡 WhiteIntel.io Data Leak Information

(No victim site disclosed)


Implications

  • Widespread Cybercrime Risks – The sale of DNS-level access could enable nation-state actors, APT groups, and cybercriminal syndicates to conduct high-impact attacks.
  • Potential Supply Chain Threat – If business-critical domains are included, attackers could intercept emails, manipulate enterprise traffic, or spread malware via trusted sources.
  • Legal & Regulatory Consequences – If exploited, this could trigger GDPR, CCPA, and cybersecurity law violations, leading to fines and lawsuits.

Recommendations

  • Urgent DNS Security Review – Organizations should audit DNS configurations and administrative access logs.
  • Multi-Factor Authentication (MFA) Enforcement – Strengthen DNS provider logins to prevent unauthorized access.
  • Monitoring & Threat Intelligence Integration – Watch for suspicious DNS changes, phishing campaigns, and malware redirections.
  • Coordination with Cybersecurity Agencies – Enterprises should collaborate with CERTs and law enforcement to track and mitigate threats.
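
One way to watch for suspicious DNS changes is to diff a trusted baseline of each zone against what is currently published. The sketch below is an added example, not code from this post or from any DNS provider; the function names, the MX coverage for "mail configurations", and the sample records (documentation domains and address ranges) are all constructed assumptions.

```python
from typing import Dict, FrozenSet, List, Tuple

Zone = Dict[Tuple[str, str], FrozenSet[str]]  # (owner name, record type) -> values
# Types named in the alert (TXT, A, AAAA); MX is assumed for "mail configurations".
WATCHED = {"A", "AAAA", "TXT", "MX"}

def classify(name: str, rtype: str, values: FrozenSet[str]) -> str:
    """Label what a changed record controls, so alerts can be triaged."""
    if rtype == "MX":
        return "mail-routing"
    if rtype == "TXT":
        if name.startswith("_dmarc."):
            return "dmarc-policy"
        if any(v.lower().startswith("v=spf1") for v in values):
            return "spf-policy"
        return "txt-other"  # e.g. domain-verification tokens
    return "web-address"

def diff_zone(baseline: Zone, observed: Zone) -> List[dict]:
    """Return one finding per watched record set that differs from baseline."""
    findings = []
    for name, rtype in sorted(set(baseline) | set(observed)):
        if rtype not in WATCHED:
            continue
        old = baseline.get((name, rtype), frozenset())
        new = observed.get((name, rtype), frozenset())
        if old != new:
            findings.append({
                "name": name, "type": rtype,
                "impact": classify(name, rtype, old | new),
                "added": sorted(new - old), "removed": sorted(old - new),
            })
    return findings

# Constructed sample snapshots (not real victim data).
BASELINE: Zone = {
    ("example.com", "A"): frozenset({"192.0.2.10"}),
    ("example.com", "MX"): frozenset({"10 mail.example.com."}),
    ("example.com", "TXT"): frozenset({"v=spf1 mx -all"}),
    ("_dmarc.example.com", "TXT"): frozenset({"v=DMARC1; p=reject"}),
}
OBSERVED: Zone = {
    ("example.com", "A"): frozenset({"198.51.100.7"}),
    ("example.com", "MX"): frozenset({"10 mail.example.com."}),
    ("example.com", "TXT"): frozenset({"v=spf1 mx include:spf.example.net -all"}),
    ("_dmarc.example.com", "TXT"): frozenset({"v=DMARC1; p=none"}),
}

if __name__ == "__main__":
    for finding in diff_zone(BASELINE, OBSERVED):
        print(finding)
```

In practice the observed snapshot would come from the DNS provider's export or from scheduled resolver queries, and any finding without a matching approved change ticket should be escalated.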
