VPN Access of Company with Annual Revenue of $15 Billion for Sale

Published 20 May 2021


  • CloudSEK discovered a post on cybercrime forum selling VPN access to a $15 billion company
  • The actor claims that the victim is a manufacturer of computer peripherals and devices

Share this Threat Intel:

Category
Adversary Intelligence
Affected Industries
IT & Technology
Affected Region
US, East Asia

Executive Summary

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a cyber crime marketplace, advertising the VPN access to a manufacturer of computer peripherals and devices, with an annual revenue of $15 billion. Based on our analysis, the victim company can be any one of the following :

  • Western Digital
  • Great Wall Technology Co. China
VPN Access post
Threat actor’s post advertising the VPN access

Potential Impact

  • VPN accesses (initial foothold) can be abused to further advance the attack into other internal networks of the target company.
  • Ransomware operators buy initial accesses from such marketplaces to deploy ransomware to lock out the data.
  • Attackers can make unauthorized changes in the production environment to include malware leading to supply chain compromise affecting the end-users of the company’s product.

Mitigation Measures

  • Patch and update VPN software solutions.
  • Secure VPN endpoints with complex credentials.
  • Deploy effective EDR/XDR/IDPS to monitor and prevent intrusions.
  • Train the employees on cyber hygiene, focusing on phishing emails and social engineering tactics.

Be informed in your Inbox

Sign up now to our Threat intelligence Newsletter and be the first to know about threats first in your inbox.

Join the Discussions

Discuss your way into our Community about these threats and stay Vigilant and informed.