Skip to content Dark Web Informer - Cyber Threat Intelligence
Support
Sign In Subscribe
Initial Access

DNI is Allegedly Selling Initial Access to Multiple Unidentified Companies in the USA

 and  Dark Web Informer
2 min read

💡 Subscribe to DarkWebInformer.com for Unmatched Cyber Threat Intelligence 💡

Why Subscribe? Let me do the work and save you time.

Stay ahead of cyber threats and safeguard your digital assets while enhancing your cybersecurity awareness with these exclusive subscriber-only features:

  • 📜
    Detailed Threat Posts: Stay updated on breaches, leaks, ransomware, DDoS attacks, and more.
  • 📡
    Exclusive Threat Feeds: Access the latest ransomware victim disclosures, breaches, leaks, and other critical updates. Approximately 100-150 alerts daily.
  • 🖼️
    High-Resolution Screenshots: All threat alerts include watermark-free, high-resolution images.
  • 🔗
    Direct Claim URLs: Instantly access claims with direct links for fast verification.

Click here to find out all of the exclusive benefits!

Subscribe Now Pay with Crypto

🔗 DarkWebInformer.com - Cyber Threat Intelligence

📅 Date: 2025-02-11 01:01:19
🚨 Title: Alleged Sale of Access to Unidentified Organizations in the USA
🛡️ Victim Country: USA
🏭 Victim Industry: Unspecified
🏢 Victim Organization: Unspecified
🌐 Victim Site: Unspecified
📜 Category: Initial Access
🔗 Claim: https://breachforums.st/Thread-Corp-Accesses-USA-CA
🕵️‍♂️ Threat Actor: DNI
🌍 Network: OpenWeb

What Happened?

A threat actor using the alias DNI has listed multiple corporate access points for sale, allegedly providing VPN and RDP access to various unidentified organizations in the USA. The listing includes access to different industries such as Software, Cable & Satellite, and Commercial Construction.

The pricing varies depending on the type and number of devices involved, with access costing between $700 and $800. The seller claims to have access to FortiVPN (OnlyVPN) connections, with some linked to domain controllers, SQL servers, CRM systems, and web services.

What Access Is Being Sold?

Organization 1

  • Industry: Software
  • Revenue: $30 million
  • Access Type: FortiVPN (OnlyVPN)
  • Infrastructure: 10 devices/servers joined to domain (DC located)
  • Price: $700

Organization 2

  • Industry: Cable & Satellite
  • Revenue: $30 million
  • Access Type: FortiVPN (OnlyVPN)
  • Infrastructure: 17 devices (7 in Active Directory, DC & Backup Server)
  • Price: $800

Organization 3

  • Industry: Commercial & Residential Construction
  • Revenue: $30 million
  • Access Type: FortiVPN (OnlyVPN)
  • Infrastructure: 52 devices, 4 servers in domain (SQL, DC, CRM, Web)
  • Price: $700

WhiteIntel.io Data Leak Information

(No victim site disclosed)

Why This Matters

  • Corporate Network Exploitation – VPN and RDP access can enable threat actors to infiltrate enterprise networks, leading to data theft, ransomware deployment, and persistent threats.
  • Financial & Reputational Risks – Unauthorized access to corporate environments could result in fraud, insider trading risks, and exposure of confidential business data.
  • Supply Chain Attack Potential – If these organizations have B2B relationships, attackers could pivot into connected networks, impacting partners and customers.
  • Compromise of Critical IT Systems – Access to domain controllers, SQL databases, and CRM systems indicates potential for privilege escalation, data exfiltration, and operational disruption.

What Should Be Done?

  • Review VPN and RDP access logs for any unauthorized connections.
  • Enforce multi-factor authentication (MFA) on all remote access points.
  • Segment critical infrastructure to prevent lateral movement.
  • Harden Active Directory security and monitor domain controller activity.
  • Conduct an immediate forensic audit to detect potential unauthorized access attempts.

Stay ahead of cyber threats. Visit DarkWebInformer.com for real-time updates on security risks and emerging cyber threats.

Related

Latest