Skip to content

Broker miyako Advertising Root-Level Firewall Access to Five Organizations Across Four Countries

Access Roundup UAE flagUnited States flagSouth Korea flagSaudi Arabia flagMulti-region Initial Access Broker

Broker miyako Advertising Root-Level Firewall Access to Five Organizations Across Four Countries

An initial access broker using the alias miyako is advertising root-level access to five separate organizations, each priced at $400 (non-negotiable). Every listing describes the same access: a Linux-based firewall appliance with Root RCE and shell permissions, with the target's revenue listed as unknown. The targets are identified only by sector and country: a UAE oilfield services contractor, a USA retail pharmacy chain, a South Korean electronics firm, a Saudi logistics and supply-chain company, and a USA call-center operation. No company names are given, and the listings are unverified.

Listings5
Price$400 each
AccessRoot RCE + Shell
Actormiyako

Listing details

Actormiyako (Initial Access Broker)
Listings5, posted same day
AccessRoot RCE + Shell
DeviceFirewall (Linux)
Price$400 each, non-negotiable
RevenueListed as unknown
Observed
ContactWithheld (Session)

!Targets listed

  • UAE flagUAE oilfield services contractor
  • United States flagUSA retail pharmacy chain
  • South Korea flagSouth Korean electronics firm
  • Saudi Arabia flagSaudi logistics & supply chain
  • United States flagUSA call-center operation

Screenshots

Potential impact

Root-level RCE and shell access to a firewall appliance would give a buyer a strong foothold at the network perimeter, the kind of access commonly used as a starting point for ransomware and data theft. The listed targets span energy, healthcare and retail, manufacturing, and logistics across four countries, so if genuine the accesses could affect sensitive sectors. That said, none of the targets is named, the seller lists their revenue as unknown, the low flat price offers little indication of value, and none of the access is verified. The Session contact channel is not reproduced here.

iStatus

Unverified

These are initial-access-broker listings advertising network access rather than a data leak; no company is named and no access has been verified. The seller's Session contact channel is not reproduced here. The same contact and access profile appear across all five posts, indicating a single batch from one broker.

Want the non-redacted screenshots? Paid subscribers get all of the claim details and unredacted screenshots. Check out the threat feed or ransomware feed (whichever applies to this post), then after subscribing, search there for this alert to view the unredacted version. View pricing →

DARK WEB INFORMER - THREAT INTELLIGENCE

Latest