‼️ A new IVR (Interactive Voice Response) 0day automation tool is allegedly being sold on a hacking forum, marketed for high-speed SIP-based attacks against voice menu systems.
⠀
‣ Threat Actor: GENERAL DARK
‣ Category: Fraud Tool / SIP Abuse
‣ Product: Ultimate IVR 0DAY
‣ Industry: Telecom Fraud / Vishing Infrastructure
⠀
The actor is advertising a high-throughput IVR manipulation engine designed to bypass standard voice-menu protections, automate digit entry at scale, and process multiple targets per call. The tool is marketed for "stress-testing" but the feature set (DND filtering, auto-authentication, multi-hit batching, response routing) aligns with carding and account-takeover automation against IVR-based banking and customer service systems.
⠀
What's advertised:
⠀
▪️ Human-Frame "Barge-In" Mode: interrupts IVR prompts in 50ms to bypass listening delays
▪️ Ghost Protocol (DTMF Override): switches signal transport mid-call to evade fingerprinting
▪️ Real-Time Lag Intel: tracks first-response latency to identify high-quality targets
▪️ Direct-to-Socket RTP: bypasses third-party media servers for raw UDP socket access
▪️ Smart "Do Not Disturb" filtering to preserve credits
▪️ Multi-Hit Batching: process 5–20 IDs/products in a single call
▪️ Intelligent Response Routing via custom JSON logic
▪️ Auto-Authentication: handles SIP 401/407 challenges automatically
▪️ High-Volume SIP Stack: thousands of concurrent calls from a single port
▪️ Parallel Worker Pool: 20 simultaneous calls per session
▪️ Surgical Timing: 75ms between digits, 100ms tone duration
▪️ Auto-Retry Engine on dropped calls
▪️ Live audio analysis (RMS energy detection for human/robot/silence)
▪️ Structured per-session logs (Product ID, duration, raw response, latency, final status)
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇺🇸 Fund for Teachers (fundforteachers.org), a U.S. nonprofit that provides grants to teachers, has allegedly been breached, with a database containing 51,458 unique user records and grant application data leaked.
⠀
‣ Threat Actor: goyim
‣ Category: Data Leak
‣ Victim: Fund for Teachers
‣ Industry: Nonprofit / Education
⠀
The actor states the dataset is limited to teachers and does not contain student information. The nonprofit reportedly claims to have paid out $40 million in total grants. Additional PII is described as easily accessible through other sections of the database beyond what's in the users table.
⠀
What's in it:
⠀
▪️ 51,458 unique combined user_id records
▪️ User IDs and usernames (emails)
▪️ Bcrypt password hashes
▪️ Password tokens
▪️ First and last names
▪️ Office and cell phone numbers
▪️ Company, title, full address (street, city, state, zip)
▪️ Email signatures
▪️ Role information
▪️ Grant applications and statuses
▪️ Various newsletter and email subscription flags
▪️ Account active/temp status, last search history, modification timestamps
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇨🇭 Zurich Insurance has allegedly been breached, with a massive leak containing over 4.26 million insurance contract records and a second file covering insurance policies released for free.
⠀
‣ Threat Actor: NormalLeVrai
‣ Category: Data Leak
‣ Victim: Zurich Insurance (zurich.com)
‣ Industry: Insurance
⠀
The actor is releasing two Swiss-related files containing structured insurance data, including detailed contract, policyholder, vehicle, and financial information.
⠀
What's in it:
⠀
First file (zurich.com.csv): 4,260,757 complete lines of structured insurance data:

- Insurance contracts (policies)
- Clients (policyholders)
- Insured vehicles
- Intermediaries (agents)
- Financial and commercial information
- Coverage details and insured amounts
- Product-specific information (home, business insurance)
- Primary driver and owner data
- Business indicators (status, assistance options, customer value)
⠀
Second file (lluch20210629.sql): complete dataset on insurance contracts:

- Policy information: contract number, version, product type, structure, key dates
- Policyholder data: identity (last name, first name), national ID/Tax ID, contact info (address, phone, email)
- Insured vehicle info: registration number, make, model, technical specs (power, engine type, seats)
- Intermediary (agent/broker) info: identifier, name, contact details
- Contractual and financial elements: IBAN, receipt status, insured capital, deductibles, contract terms
- Product-specific data (residential/commercial): property use, dwelling type, business activity
- Linked individuals: primary driver and vehicle owner
- Business indicators: policy status, customer value, up to 10 assistance options
- Additional info: contract language, insurance company, chosen package/plan
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇫🇷 La Redoute, a major French e-commerce and home goods retailer, has allegedly been scraped, with a dataset of 96,191 customer expedition (shipment) records leaked.
⠀
‣ Threat Actor: Lagui
‣ Victim: La Redoute
‣ Industry: Retail / E-commerce
⠀
The actor states the data was scraped a few weeks prior to posting and is completely fresh, never circulated elsewhere. The scrape focuses on shipment/expedition records spanning late 2025 through 2026, including detailed package tracking and delivery event histories.
⠀
What's in it:
⠀
▪️ 96,191 complete expedition (shipment) entries
▪️ Expedition IDs and order numbers
▪️ Client IDs
▪️ Customer first names and last names
▪️ Full addresses, postal codes, cities
▪️ Phone numbers (multiple per record)
▪️ Email addresses
▪️ Package IDs, arrival dates, creation dates
▪️ Store/enseigne information (e.g., "(01) LA REDOUTE")
▪️ Delivery type (Relais, Livraison)
▪️ Order quantities, declared volume and weight
▪️ Recycling status
▪️ Detailed event histories: agent names, timestamps, event descriptions, operation dates, package rank and status (e.g., package pickup, retour, livraison confirmation, EDI announcements)
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations