New IAB Sets Up Tor Shop to Sell Access to Major Companies
Access to important corporations throughout the world is now being sold by a new threat actor. Br0k3r stands noteworthy, though, because it is one of the first to trade access through its website.
Br0k3r is what cybersecurity pundits call an initial access broker (IAB). These attackers have made a name for themselves as leaders in online crime. They sell access to numerous businesses, enabling customers to penetrate and infect those businesses with ransomware.
IB-Group, a cybersecurity business that has been monitoring the IAB market, has highlighted a brand-new IAB named Br0k3r. On June 17, the attacker created an account on one of the dark forums. Experts claim that Br0k3r was among the “first to conduct private access sales through its website.”
The majority of the listed businesses appear to be large players, with annual sales in the tens of millions of dollars. A Spanish manufacturer, a supplier, and installation of tracker equipment with $600 million in revenue, and a Norwegian multinational firm with a mind-boggling $1.1 billion in revenue are among the biggest possible targets for crooks.
Our Readers ALSO READCybercrime Group Uses Advanced Social Engineering to Target BPO Sector
Br0k3r is selling access to companies in the US, UK, UAE, Taiwan, and Switzerland, among other countries.
According to the IB-Group’s Hi-Tech Crime Trend Report, IABs usually compromise VPN and RDP accounts to penetrate an organization’s network. During the period from June 2021 to June 2022, there were 380 active IABs worldwide.