βΌοΈ A new IVR (Interactive Voice Response) 0day automation tool is allegedly being sold on a hacking forum, marketed for high-speed SIP-based attacks against voice menu systems.
β
β£ Threat Actor: GENERAL DARK
β£ Category: Fraud Tool / SIP Abuse
β£ Product: Ultimate IVR 0DAY
β£ Industry: Telecom Fraud / Vishing Infrastructure
β
The actor is advertising a high-throughput IVR manipulation engine designed to bypass standard voice-menu protections, automate digit entry at scale, and process multiple targets per call. The tool is marketed for "stress-testing" but the feature set (DND filtering, auto-authentication, multi-hit batching, response routing) aligns with carding and account-takeover automation against IVR-based banking and customer service systems.
β
What's advertised:
β
βͺοΈ Human-Frame "Barge-In" Mode: interrupts IVR prompts in 50ms to bypass listening delays
βͺοΈ Ghost Protocol (DTMF Override): switches signal transport mid-call to evade fingerprinting
βͺοΈ Real-Time Lag Intel: tracks first-response latency to identify high-quality targets
βͺοΈ Direct-to-Socket RTP: bypasses third-party media servers for raw UDP socket access
βͺοΈ Smart "Do Not Disturb" filtering to preserve credits
βͺοΈ Multi-Hit Batching: process 5β20 IDs/products in a single call
βͺοΈ Intelligent Response Routing via custom JSON logic
βͺοΈ Auto-Authentication: handles SIP 401/407 challenges automatically
βͺοΈ High-Volume SIP Stack: thousands of concurrent calls from a single port
βͺοΈ Parallel Worker Pool: 20 simultaneous calls per session
βͺοΈ Surgical Timing: 75ms between digits, 100ms tone duration
βͺοΈ Auto-Retry Engine on dropped calls
βͺοΈ Live audio analysis (RMS energy detection for human/robot/silence)
βͺοΈ Structured per-session logs (Product ID, duration, raw response, latency, final status)
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: GENERAL DARK
β£ Category: Fraud Tool / SIP Abuse
β£ Product: Ultimate IVR 0DAY
β£ Industry: Telecom Fraud / Vishing Infrastructure
β
The actor is advertising a high-throughput IVR manipulation engine designed to bypass standard voice-menu protections, automate digit entry at scale, and process multiple targets per call. The tool is marketed for "stress-testing" but the feature set (DND filtering, auto-authentication, multi-hit batching, response routing) aligns with carding and account-takeover automation against IVR-based banking and customer service systems.
β
What's advertised:
β
βͺοΈ Human-Frame "Barge-In" Mode: interrupts IVR prompts in 50ms to bypass listening delays
βͺοΈ Ghost Protocol (DTMF Override): switches signal transport mid-call to evade fingerprinting
βͺοΈ Real-Time Lag Intel: tracks first-response latency to identify high-quality targets
βͺοΈ Direct-to-Socket RTP: bypasses third-party media servers for raw UDP socket access
βͺοΈ Smart "Do Not Disturb" filtering to preserve credits
βͺοΈ Multi-Hit Batching: process 5β20 IDs/products in a single call
βͺοΈ Intelligent Response Routing via custom JSON logic
βͺοΈ Auto-Authentication: handles SIP 401/407 challenges automatically
βͺοΈ High-Volume SIP Stack: thousands of concurrent calls from a single port
βͺοΈ Parallel Worker Pool: 20 simultaneous calls per session
βͺοΈ Surgical Timing: 75ms between digits, 100ms tone duration
βͺοΈ Auto-Retry Engine on dropped calls
βͺοΈ Live audio analysis (RMS energy detection for human/robot/silence)
βͺοΈ Structured per-session logs (Product ID, duration, raw response, latency, final status)
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈπΊπΈ Fund for Teachers (fundforteachers.org), a U.S. nonprofit that provides grants to teachers, has allegedly been breached, with a database containing 51,458 unique user records and grant application data leaked.
β
β£ Threat Actor: goyim
β£ Category: Data Leak
β£ Victim: Fund for Teachers
β£ Industry: Nonprofit / Education
β
The actor states the dataset is limited to teachers and does not contain student information. The nonprofit reportedly claims to have paid out $40 million in total grants. Additional PII is described as easily accessible through other sections of the database beyond what's in the users table.
β
What's in it:
β
βͺοΈ 51,458 unique combined user_id records
βͺοΈ User IDs and usernames (emails)
βͺοΈ Bcrypt password hashes
βͺοΈ Password tokens
βͺοΈ First and last names
βͺοΈ Office and cell phone numbers
βͺοΈ Company, title, full address (street, city, state, zip)
βͺοΈ Email signatures
βͺοΈ Role information
βͺοΈ Grant applications and statuses
βͺοΈ Various newsletter and email subscription flags
βͺοΈ Account active/temp status, last search history, modification timestamps
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: goyim
β£ Category: Data Leak
β£ Victim: Fund for Teachers
β£ Industry: Nonprofit / Education
β
The actor states the dataset is limited to teachers and does not contain student information. The nonprofit reportedly claims to have paid out $40 million in total grants. Additional PII is described as easily accessible through other sections of the database beyond what's in the users table.
β
What's in it:
β
βͺοΈ 51,458 unique combined user_id records
βͺοΈ User IDs and usernames (emails)
βͺοΈ Bcrypt password hashes
βͺοΈ Password tokens
βͺοΈ First and last names
βͺοΈ Office and cell phone numbers
βͺοΈ Company, title, full address (street, city, state, zip)
βͺοΈ Email signatures
βͺοΈ Role information
βͺοΈ Grant applications and statuses
βͺοΈ Various newsletter and email subscription flags
βͺοΈ Account active/temp status, last search history, modification timestamps
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈπ«π· Groupe CGA, a French automotive dealership group, has allegedly been breached, with customer and employee databases offered for sale.
β
β£ Threat Actor: DumpsecV2
β£ Category: Data Leak / Sale
β£ Victim: Groupe CGA
β£ Industry: Automotive / Dealerships
β
The actor (operating under the Dumpsec banner) is publicly denying recent rumors of arrests within their group and announces an upcoming "big event" planned for the summer. The post also contains a personal message directed at an individual named "Christophe Boutry."
β
What's in it:
β
βͺοΈ 65,000 customer records
βͺοΈ 2,500 employee records
β
βͺοΈ Employee data fields:
- GCALD ID, email, first name, last name
- Dealership location
- Internal/external phone numbers
- Mobile numbers
- Group affiliation
β
βͺοΈ Customer data fields:
- ID, dealership, customer ID, customer name
- Vehicle make, model, mileage (km)
- Total amount, net total, contract start/end dates, duration
- Vehicle registration number, VIN
- Contract ID and type
- First name, last name, town, postcode, telephone
- GCA Plus status, contract creation/sort timestamps
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: DumpsecV2
β£ Category: Data Leak / Sale
β£ Victim: Groupe CGA
β£ Industry: Automotive / Dealerships
β
The actor (operating under the Dumpsec banner) is publicly denying recent rumors of arrests within their group and announces an upcoming "big event" planned for the summer. The post also contains a personal message directed at an individual named "Christophe Boutry."
β
What's in it:
β
βͺοΈ 65,000 customer records
βͺοΈ 2,500 employee records
β
βͺοΈ Employee data fields:
- GCALD ID, email, first name, last name
- Dealership location
- Internal/external phone numbers
- Mobile numbers
- Group affiliation
β
βͺοΈ Customer data fields:
- ID, dealership, customer ID, customer name
- Vehicle make, model, mileage (km)
- Total amount, net total, contract start/end dates, duration
- Vehicle registration number, VIN
- Contract ID and type
- First name, last name, town, postcode, telephone
- GCA Plus status, contract creation/sort timestamps
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈ New Dark Web Informer Blog Post!
Title: When the Watchman Gets Watched: Trellix Discloses Source Code Breach
Link: https://darkwebinformer.com/when-the-watchman-gets-watched-trellix-discloses-source-code-breach/
Title: When the Watchman Gets Watched: Trellix Discloses Source Code Breach
Link: https://darkwebinformer.com/when-the-watchman-gets-watched-trellix-discloses-source-code-breach/
Dark Web Informer
When the Watchman Gets Watched: Trellix Discloses Source Code Breach
There's something uniquely unsettling about a cybersecurity company getting hacked. It's the digital equivalent of a locksmith calling to say someone picked their front door. This week, Trellix joined that uncomfortable club, confirming that attackers gainedβ¦
βΌοΈ New Dark Web Informer Blog Post!
Title: "Copy Fail" Lands on CISA's KEV: A Nine-Year-Old Linux Bug Becomes a Patch Deadline
Link: https://darkwebinformer.com/copy-fail-lands-on-cisas-kev-a-nine-year-old-linux-bug-becomes-a-patch-deadline/
Title: "Copy Fail" Lands on CISA's KEV: A Nine-Year-Old Linux Bug Becomes a Patch Deadline
Link: https://darkwebinformer.com/copy-fail-lands-on-cisas-kev-a-nine-year-old-linux-bug-becomes-a-patch-deadline/
Dark Web Informer
"Copy Fail" Lands on CISA's KEV: A Nine-Year-Old Linux Bug Becomes a Patch Deadline
On May 1, 2026, CISA added CVE-2026-31431, better known as "Copy Fail," to its Known Exploited Vulnerabilities (KEV) catalog. Federal civilian agencies have until May 15 to patch under BOD 22-01. Everyone else should read that deadline as a strong hint.
βΌοΈπ¨π Zurich Insurance has allegedly been breached, with a massive leak containing over 4.26 million insurance contract records and a second file covering insurance policies released for free.
β
β£ Threat Actor: NormalLeVrai
β£ Category: Data Leak
β£ Victim: Zurich Insurance (zurich.com)
β£ Industry: Insurance
β
The actor is releasing two Swiss-related files containing structured insurance data, including detailed contract, policyholder, vehicle, and financial information.
β
What's in it:
β
First file (zurich.com.csv): 4,260,757 complete lines of structured insurance data:
- Insurance contracts (policies)
- Clients (policyholders)
- Insured vehicles
- Intermediaries (agents)
- Financial and commercial information
- Coverage details and insured amounts
- Product-specific information (home, business insurance)
- Primary driver and owner data
- Business indicators (status, assistance options, customer value)
β
Second file (lluch20210629.sql): complete dataset on insurance contracts:
- Policy information: contract number, version, product type, structure, key dates
- Policyholder data: identity (last name, first name), national ID/Tax ID, contact info (address, phone, email)
- Insured vehicle info: registration number, make, model, technical specs (power, engine type, seats)
- Intermediary (agent/broker) info: identifier, name, contact details
- Contractual and financial elements: IBAN, receipt status, insured capital, deductibles, contract terms
- Product-specific data (residential/commercial): property use, dwelling type, business activity
- Linked individuals: primary driver and vehicle owner
- Business indicators: policy status, customer value, up to 10 assistance options
- Additional info: contract language, insurance company, chosen package/plan
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: NormalLeVrai
β£ Category: Data Leak
β£ Victim: Zurich Insurance (zurich.com)
β£ Industry: Insurance
β
The actor is releasing two Swiss-related files containing structured insurance data, including detailed contract, policyholder, vehicle, and financial information.
β
What's in it:
β
First file (zurich.com.csv): 4,260,757 complete lines of structured insurance data:
- Insurance contracts (policies)
- Clients (policyholders)
- Insured vehicles
- Intermediaries (agents)
- Financial and commercial information
- Coverage details and insured amounts
- Product-specific information (home, business insurance)
- Primary driver and owner data
- Business indicators (status, assistance options, customer value)
β
Second file (lluch20210629.sql): complete dataset on insurance contracts:
- Policy information: contract number, version, product type, structure, key dates
- Policyholder data: identity (last name, first name), national ID/Tax ID, contact info (address, phone, email)
- Insured vehicle info: registration number, make, model, technical specs (power, engine type, seats)
- Intermediary (agent/broker) info: identifier, name, contact details
- Contractual and financial elements: IBAN, receipt status, insured capital, deductibles, contract terms
- Product-specific data (residential/commercial): property use, dwelling type, business activity
- Linked individuals: primary driver and vehicle owner
- Business indicators: policy status, customer value, up to 10 assistance options
- Additional info: contract language, insurance company, chosen package/plan
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π₯1
βΌοΈ New Dark Web Informer Blog Post!
Title: When a Screensaver Cracked the Internet's Trust Layer: Inside the DigiCert Hack
Link: https://darkwebinformer.com/when-a-screensaver-cracked-the-internets-trust-layer-inside-the-digicert-hack/
Title: When a Screensaver Cracked the Internet's Trust Layer: Inside the DigiCert Hack
Link: https://darkwebinformer.com/when-a-screensaver-cracked-the-internets-trust-layer-inside-the-digicert-hack/
Dark Web Informer
When a Screensaver Cracked the Internet's Trust Layer: Inside the DigiCert Hack
Certificate authorities sit at the foundation of online trust. So when one of the largest, DigiCert, gets hacked through a fake screenshot in a customer support chat, it is worth paying attention.
π1
βΌοΈπ¦πͺ Handala Hack has launched a coordinated attack on the Fujairah Port and other entities in the UAE.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β€1
βΌοΈπ«π· Bouygues Telecom, one of France's largest telecommunications providers, has allegedly been breached, with an 80.9 GB database being offered for sale by a new threat actor group.
β
β£ Threat Actor: OverSec
β£ Category: Data Sale
β£ Victim: Bouygues Telecom
β£ Industry: Telecommunications
β
The actor introduces themselves as "OverSec" and announces this as their first claim, offering the Bouygues Telecom database obtained on May 1, 2026. Database fields and a sample are distributed via Pastebin links, with proof of access and negotiations available through Session.
β
What's in it:
β
βͺοΈ Total size: 80.9 GB (86,876,683,642 bytes)
βͺοΈ Format: JSONL
βͺοΈ Date: May 1, 2026
βͺοΈ Database fields and sample distributed via Pastebin
βͺοΈ Contact: Session ID provided
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: OverSec
β£ Category: Data Sale
β£ Victim: Bouygues Telecom
β£ Industry: Telecommunications
β
The actor introduces themselves as "OverSec" and announces this as their first claim, offering the Bouygues Telecom database obtained on May 1, 2026. Database fields and a sample are distributed via Pastebin links, with proof of access and negotiations available through Session.
β
What's in it:
β
βͺοΈ Total size: 80.9 GB (86,876,683,642 bytes)
βͺοΈ Format: JSONL
βͺοΈ Date: May 1, 2026
βͺοΈ Database fields and sample distributed via Pastebin
βͺοΈ Contact: Session ID provided
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Notepad now gaslights you about what you just typed
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π4
βΌοΈπ«π· La Redoute, a major French e-commerce and home goods retailer, has allegedly been scraped, with a dataset of 96,191 customer expedition (shipment) records leaked.
β
β£ Threat Actor: Lagui
β£ Victim: La Redoute
β£ Industry: Retail / E-commerce
β
The actor states the data was scraped a few weeks prior to posting and is completely fresh, never circulated elsewhere. The scrape focuses on shipment/expedition records spanning late 2025 through 2026, including detailed package tracking and delivery event histories.
β
What's in it:
β
βͺοΈ 96,191 complete expedition (shipment) entries
βͺοΈ Expedition IDs and order numbers
βͺοΈ Client IDs
βͺοΈ Customer first names and last names
βͺοΈ Full addresses, postal codes, cities
βͺοΈ Phone numbers (multiple per record)
βͺοΈ Email addresses
βͺοΈ Package IDs, arrival dates, creation dates
βͺοΈ Store/enseigne information (e.g., "(01) LA REDOUTE")
βͺοΈ Delivery type (Relais, Livraison)
βͺοΈ Order quantities, declared volume and weight
βͺοΈ Recycling status
βͺοΈ Detailed event histories: agent names, timestamps, event descriptions, operation dates, package rank and status (e.g., package pickup, retour, livraison confirmation, EDI announcements)
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: Lagui
β£ Victim: La Redoute
β£ Industry: Retail / E-commerce
β
The actor states the data was scraped a few weeks prior to posting and is completely fresh, never circulated elsewhere. The scrape focuses on shipment/expedition records spanning late 2025 through 2026, including detailed package tracking and delivery event histories.
β
What's in it:
β
βͺοΈ 96,191 complete expedition (shipment) entries
βͺοΈ Expedition IDs and order numbers
βͺοΈ Client IDs
βͺοΈ Customer first names and last names
βͺοΈ Full addresses, postal codes, cities
βͺοΈ Phone numbers (multiple per record)
βͺοΈ Email addresses
βͺοΈ Package IDs, arrival dates, creation dates
βͺοΈ Store/enseigne information (e.g., "(01) LA REDOUTE")
βͺοΈ Delivery type (Relais, Livraison)
βͺοΈ Order quantities, declared volume and weight
βͺοΈ Recycling status
βͺοΈ Detailed event histories: agent names, timestamps, event descriptions, operation dates, package rank and status (e.g., package pickup, retour, livraison confirmation, EDI announcements)
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈπΊπΈ Johnson & Johnson Innovative Medicine has been claimed a victim to SpaceBears Ransomware
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈ DOJ Press Release
βββββββββββββββββββββ
Member of Prolific Russian Ransomware Group Sentenced to Prison
Full Press Release β justice.gov
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ DOJ Monitor
Note: DOJ articles that are not Cyber related will be removed manually.
βββββββββββββββββββββ
Member of Prolific Russian Ransomware Group Sentenced to Prison
Full Press Release β justice.gov
βββββββββββββββββββββ
π΅οΈ Dark Web Informer β’ DOJ Monitor
Note: DOJ articles that are not Cyber related will be removed manually.
www.justice.gov
Member of Prolific Russian Ransomware Group Sentenced to Prison
A Latvian national was sentenced today to 102 months in prison for his role in a major Russian ransomware organization that stole from and extorted over 54 companies.
βΌοΈLexus has been claimed a victim to Qilin Ransomware
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
βΌοΈπ¬πΉπͺπ¨ Azzorti, a Latin American direct-sales beauty and fashion brand operating across Guatemala and Ecuador, has allegedly been breached, with the entire database from intranet.azzorti.com and intranet.azzorti.gt offered for sale.
β
β£ Threat Actor: NyxarGroup (in collaboration with Petro_Escobar & ArcRaidersPlayer)
β£ Category: Data Sale
β£ Victim: Azzorti
β£ Industry: Retail / Direct Sales / Cosmetics
β
The actor is selling access to two intranet sites belonging to Azzorti, claiming the dataset includes business operations data alongside customer/consultant PII. The leak is offered for $400.
β
What's in it:
β
βͺοΈ Internal documents
βͺοΈ Power BI reports
βͺοΈ Supplier information
βͺοΈ Product catalogs
βͺοΈ Sales records
βͺοΈ Business charts
βͺοΈ Quotes
βͺοΈ 2 databases with the following structure:
βͺοΈCodigo (code), Identificacion (ID), Consec
βͺοΈZona (zone)
βͺοΈNombres / Apellidos (first/last names)
βͺοΈDireccion (address)
βͺοΈTelefonos (phone numbers)
βͺοΈDistrito / Provincia (district/province)
βͺοΈCamp Ingr, Digito, Cupo
βͺοΈPedidos (orders)
βͺοΈDigito Anterior
βͺοΈDireccion Referencia (reference address)
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β
β£ Threat Actor: NyxarGroup (in collaboration with Petro_Escobar & ArcRaidersPlayer)
β£ Category: Data Sale
β£ Victim: Azzorti
β£ Industry: Retail / Direct Sales / Cosmetics
β
The actor is selling access to two intranet sites belonging to Azzorti, claiming the dataset includes business operations data alongside customer/consultant PII. The leak is offered for $400.
β
What's in it:
β
βͺοΈ Internal documents
βͺοΈ Power BI reports
βͺοΈ Supplier information
βͺοΈ Product catalogs
βͺοΈ Sales records
βͺοΈ Business charts
βͺοΈ Quotes
βͺοΈ 2 databases with the following structure:
βͺοΈCodigo (code), Identificacion (ID), Consec
βͺοΈZona (zone)
βͺοΈNombres / Apellidos (first/last names)
βͺοΈDireccion (address)
βͺοΈTelefonos (phone numbers)
βͺοΈDistrito / Provincia (district/province)
βͺοΈCamp Ingr, Digito, Cupo
βͺοΈPedidos (orders)
βͺοΈDigito Anterior
βͺοΈDireccion Referencia (reference address)
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations