Hackers Claim a Zoom Breach, Alleged FedEx Accounts and Government Logs on Sale

Over the past week, the SOCRadar Dark Web Team has uncovered several alarming cyber threats targeting various sectors. Notable incidents include the sale of logs and accounts allegedly belonging to government entities across 58 countries, and unauthorized accounts linked to FedEx. A pro-Russian hacktivist group also claims to have breached Zoom, compromising over millions of accounts.

Receive a Free Dark Web Report for Your Organization:

An Alleged Unauthorized Network Access Sale is Detected for an American Air Transportation Company

The SOCRadar Dark Web Team has identified a concerning post on a hacker forum where unauthorized network access is allegedly being sold for an American air transportation company. The threat actor claims to have gained access to a company operating within the transportation, logistics, and air services sectors, with an estimated revenue of $80 million. The advertised access includes VPN credentials with user-level privileges, offered for $8,000, though the price is negotiable.

1-Day LPE Exploit of Windows Machines is on Sale

The SOCRadar Dark Web Team detected a post on a hacker forum announcing the sale of a new 1-Day Local Privilege Escalation (LPE) exploit targeting Windows machines. The threat actor claims this exploit is effective across multiple versions of Windows, including Windows 7 through 11 and Windows Server editions. The exploit is allegedly stable and ideal for avoiding zero-day exploits on unpatched systems. The threat actor offers the exploit for $8,000 in binary form and $12,000 with additional variations, with only five copies available.

Alleged Log of Governmental Accounts is on Sale

The SOCRadar Dark Web Team recently uncovered a post on a hacker forum advertising the sale of logs and accounts allegedly belonging to various government entities. The threat actor behind the post claims to possess access to specific ministries across different countries. The post offers these logs at a price of $30 per country, with the cost varying depending on the size of the log file. The post is accompanied by a screenshot listing 58 countries, underscoring the extensive reach of this potential breach.

The Alleged Unauthorized Account Sale is Detected for the FedEx

The SOCRadar Dark Web Team detected a post on a hacker forum revealing an unauthorized account sale allegedly linked to FedEx. The threat actor behind the post claims to have access to FedEx domestic and international shipping labels and business accounts for FedEx, UPS, and DHL.

UserSec Claims to Have Breached Zoom, Allegedly Compromising 2 Million Accounts

The SOCRadar Dark Web Team detected a post on a Telegram channel where the pro-Russian hacktivist threat group UserSec claims to have breached Zoom, compromising over 2 million U.S.-based accounts. The group alleges that the compromised data includes emails, IP addresses, and clear-text passwords.

Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by the targeted country or industry.