E-Commerce Platforms Face Rising Dark Web Threats; Admin Access and Customer Data on Sale
New activity observed by the SOCRadar Dark Web team reveals a growing trend of cybercriminal activity targeting global e-commerce businesses. Multiple threat actors have advertised unauthorized admin access, leaked customer databases, and even zero-day exploits, putting online retailers and their customers at significant risk.
Alleged Unauthorized Admin Access for European E-Commerce Companies

SOCRadar has detected a Dark Web post offering alleged full admin access to several e-commerce companies operating in Europe. The seller claims the access allows payment detail modification, customer data extraction, and complete CMS control. Credentials are said to have been obtained via SQL exploitation, with the admin login, password, and details of the vulnerability included in the offer.
Alleged Database of Shopify Store Customers on Sale

A new listing on a hacker forum offers an alleged database containing 113,913 customer records from a Shopify store. The dataset reportedly includes names, emails, phone numbers, full addresses, account passwords, and order histories. The seller claims the store has generated over $4 million in sales, with nearly $700,000 in the last month alone.
Unauthorized Admin Access to Saudi Arabian Online Shop

SOCRadar has identified a post advertising admin-level access to a Magento-based e-commerce platform in Saudi Arabia. The compromised dashboard reportedly provides full visibility into customers, orders, and sales analytics. The store is said to have processed over 66,000 customer accounts and millions in sales revenue.
Alleged Admin Access to German Gambio CMS E-Commerce Site

A hacker forum post offers alleged admin credentials for a German online store running on Gambio CMS. The seller claims the setup enables both card and PayPal transactions and includes recent transaction statistics. Access is being auctioned, with payment accepted in cryptocurrency.
0-Day RCE Exploit for VoIP PBX on Sale

While not exclusive to e-commerce, a high-value listing advertises an alleged 0-day remote code execution and local privilege escalation exploit targeting popular corporate VoIP PBX software. The seller is asking $150,000, suggesting potential use in broader cyber operations.
Powered by DarkMirror™
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is time-consuming, challenging, and simply not feasible. A single mistaken click can result in a malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow the latest posts of threat actors and groups, filtered by targeted country or industry.
