CISO2CISO.COM & CYBER SECURITY GROUP

An initial access broker claims to have hacked Deutsche Bank

An initial access broker claims to have hacked Deutsche Bank and is offering access to its systems for sale on Telegram.

A threat actor (0x_dump) claims to have hacked the multinational investment bank Deutsche Bank and is offering access to its network for sale online.

The security researcher Dominic Alvieri was one of the first experts to report the announcement published by the initial access broker on Telegram.

The IAB claims to have access to around 21000 machines in the bank’s network, most of which are Windows systems. It also claims that the compromised machines were protected with a Symantec EDR solution.

“FTP , Shells , root , SQL-inj, DB, Servers.. We selling another network accss of a particular Bank, internal network ,we have DA, domain has around 21k machines configured most being windows Edr of machines are Symantec . Also internal network filters TCP,UDP,HTTP & HTTPS . Employees communicate between office chats services, there is file servers with more that 16TB of internal Data including share folder for every usr on the network & They also have flexcube DB.. We can provide VDI & VPN + all passwords of domain dump (with DA usr’s) Their funds is in B$ Price 7.5BTC We will request for proof that one can afford to avoid time wasters etc…” reads the announcement.

Breaking

Deutsche Bank allegedly breached and for sale by the same access broker that sold access to Medibank.

HQ in Frankfurt, Germany shown.

/db.com @DeutscheBank

c/o @osint_ben @Europol @DTCERT #cybersecurity #infosec@campuscodi @LawrenceAbrams pic.twitter.com/qFhwQ5zSIY

— Dominic Alvieri (@AlvieriD) November 11, 2022

The seller said to have had access to the chat services used for internal communications, he also claimed to have access to file servers containing 16 terabytes of data.

The IAB is offering access to the Deutsche Bank 7.5 Bitcoin, worth approximately $156,274.

The seller added that he is receiving a lot of requests for this offer:

“We are getting a lot of requests and it’s hard to filter out fake buyers so we ask for proof you can afford it or (share with us your @ on forums (we recommend we’ll known individuals for us to work easily)” added the seller.

Alvieri speculates that the IAB is the same broker who recently offered for sale access to the systems of the Australian health insurance Medibank.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Deutsche Bank)

The post An initial access broker claims to have hacked Deutsche Bank appeared first on Security Affairs.

Leer másSecurity Affairs

Leave a Reply

Your email address will not be published.