Threat Actors Selling Network Access of an African Bank.
According to a Tweet posted two months ago by Bank security where a threat actor claimed he has system and domain admin access to 2 Internal networks of an undisclosed bank. The focus of the claim is root access to the first network and Domain Admin Access to the second network. Making a total of 2 networks within the bank and promising the buyer will receive windows SYSTEM level privileges access to the network 1 and exclusive access to the hashes of users in the second network.
The same information has been offered for sale by another threat actor on another forum claiming the location of the bank to be Africa this time around.
Access also includes:
- Source code of Bank programs
- Bank’s Network structure
- Internal DB credentials
- Bank users PII Data
- Exploited evasion techniques
Leave a Reply