1/2‼️🇦🇷 Argentine government and Crónica.com allegedly breached exposing 80M credentials and sensitive admin data
A threat actor, claiming filtering by EsqueleSquad TEAM and crediting EsqueleStealer plus OSINT/exploits APIs, alleges that multiple .gob.ar and .edu.ar sites were compromised between 2024 and 2026, releasing a sample of over 80,000,000 lines covering scraped APIs, RENAPER identity records, and ANSES benefits data. The post also bundles purported Crónica.com administration panel access, employee data, FTP, and revenue metrics, with the actor threatening to release 50GB more if the thread receives support.
Post details:
▸ Actor(s): Skull1172 (filtered by EsqueleSquad TEAM)
▸ Sector: Government, Education, Media
▸ Type: Data Leak (sample) with threat to release more
▸ Format: Sample now, +50GB threatened
▸ Price: Free (registration/login gated sample)
▸ Records: 80M credentials, 154,654 conversations, 32M+ image/code64 entries, 11.8M ANSES records
▸ Country: Argentina
▸ Date: 06/05/2026
Affected entities:
▪️ auth[.afip.gob.ar (11.8M)
▪️ servicioscorp[.anses.gob.ar
▪️ id.argentina[.gob.ar
▪️ becasprogresar.educacion[.gob.ar (650k)
▪️ login.buenosaires[.gob.ar, autenticar[.gob.ar, sube[.gob.ar
▪️ portalempleo[.gob.ar, progresar[.educacion.gob.ar
▪️ login[.abc.gob.ar, miba[.buenosaires.gob.ar
▪️ clusterapw[.agip.gob.ar, lbapw[.agip.gob.ar
▪️ gde[.gob.ar, cas[.gde.gob.ar
▪️ RENAPER and ANSES API endpoints
▪️ estudiantes[.castelmonte.edu.ar (webmail)
▪️ SIGENO Zonda notarial system credential reset
▪️ Crónica[.com admin panel, employee data, FTP
Compromised data:
▪️ Phones, usernames, passwords
▪️ CUIL/DNI national identifiers
▪️ License plate numbers
▪️ Emails and webmail conversations
▪️ RENAPER record IDs, issuance/expiry dates, ID photos (code64)
▪️ Full names, dates of birth, citizen IDs
▪️ Street, number, postal code, city, municipality, province
▪️ ANSES benefits status data
▪️ Crónica employee records and admin credentials
▪️ Internal revenue metrics and advertiser/transaction data
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor, claiming filtering by EsqueleSquad TEAM and crediting EsqueleStealer plus OSINT/exploits APIs, alleges that multiple .gob.ar and .edu.ar sites were compromised between 2024 and 2026, releasing a sample of over 80,000,000 lines covering scraped APIs, RENAPER identity records, and ANSES benefits data. The post also bundles purported Crónica.com administration panel access, employee data, FTP, and revenue metrics, with the actor threatening to release 50GB more if the thread receives support.
Post details:
▸ Actor(s): Skull1172 (filtered by EsqueleSquad TEAM)
▸ Sector: Government, Education, Media
▸ Type: Data Leak (sample) with threat to release more
▸ Format: Sample now, +50GB threatened
▸ Price: Free (registration/login gated sample)
▸ Records: 80M credentials, 154,654 conversations, 32M+ image/code64 entries, 11.8M ANSES records
▸ Country: Argentina
▸ Date: 06/05/2026
Affected entities:
▪️ auth[.afip.gob.ar (11.8M)
▪️ servicioscorp[.anses.gob.ar
▪️ id.argentina[.gob.ar
▪️ becasprogresar.educacion[.gob.ar (650k)
▪️ login.buenosaires[.gob.ar, autenticar[.gob.ar, sube[.gob.ar
▪️ portalempleo[.gob.ar, progresar[.educacion.gob.ar
▪️ login[.abc.gob.ar, miba[.buenosaires.gob.ar
▪️ clusterapw[.agip.gob.ar, lbapw[.agip.gob.ar
▪️ gde[.gob.ar, cas[.gde.gob.ar
▪️ RENAPER and ANSES API endpoints
▪️ estudiantes[.castelmonte.edu.ar (webmail)
▪️ SIGENO Zonda notarial system credential reset
▪️ Crónica[.com admin panel, employee data, FTP
Compromised data:
▪️ Phones, usernames, passwords
▪️ CUIL/DNI national identifiers
▪️ License plate numbers
▪️ Emails and webmail conversations
▪️ RENAPER record IDs, issuance/expiry dates, ID photos (code64)
▪️ Full names, dates of birth, citizen IDs
▪️ Street, number, postal code, city, municipality, province
▪️ ANSES benefits status data
▪️ Crónica employee records and admin credentials
▪️ Internal revenue metrics and advertiser/transaction data
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇪🇨 CACPE Pastaza allegedly breached exposing 18 million Ecuadorian civil registry records via an unprotected API
A threat actor claims that the identity validation API of CACPE Pastaza, an Ecuadorian cooperative, was pwned through an unprotected proxy endpoint that queries the national civil registry, exposing over 18 million records updated as of today. The post is being released for free and includes a working cURL exploitation example showing how anyone can pull complete personal records by submitting a national ID number.
Post details:
▸ Actor(s): GondorPe
▸ Sector: Finance / Government (civil registry via cooperative API)
▸ Type: Data Leak / API Exposure
▸ Price: Free
▸ Records: 18,000,000+
▸ Country: Ecuador
▸ Date: 06/05/2026
Compromised data:
▪️ Full names (apellidos, nombres)
▪️ National ID number (NUI / cédula)
▪️ Date of birth
▪️ Place of birth
▪️ Home address (domicilio, calle, número)
▪️ Marital status
▪️ Gender
▪️ Nationality
▪️ Father's and mother's names
▪️ Profession
▪️ Date of ID issuance
▪️ Citizenship status
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims that the identity validation API of CACPE Pastaza, an Ecuadorian cooperative, was pwned through an unprotected proxy endpoint that queries the national civil registry, exposing over 18 million records updated as of today. The post is being released for free and includes a working cURL exploitation example showing how anyone can pull complete personal records by submitting a national ID number.
Post details:
▸ Actor(s): GondorPe
▸ Sector: Finance / Government (civil registry via cooperative API)
▸ Type: Data Leak / API Exposure
▸ Price: Free
▸ Records: 18,000,000+
▸ Country: Ecuador
▸ Date: 06/05/2026
Compromised data:
▪️ Full names (apellidos, nombres)
▪️ National ID number (NUI / cédula)
▪️ Date of birth
▪️ Place of birth
▪️ Home address (domicilio, calle, número)
▪️ Marital status
▪️ Gender
▪️ Nationality
▪️ Father's and mother's names
▪️ Profession
▪️ Date of ID issuance
▪️ Citizenship status
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🏴☠️ Nimrod Stealer source code allegedly shared on a hacking forum for credential and browser data theft
A user is distributing the source code of "Nimrod Stealer," an information-stealing tool described in the post as designed to harvest saved browser credentials, cookies, autofill data, and system fingerprints, with stolen data exfiltrated to remote servers. The package is shared as a Python-based builder with installer batch files and a README, alongside a contact pointer for a "premium" version.
Post details:
▸ Actor(s): sunshineking
▸ Sector: Malware / Offensive tooling
▸ Type: Source Code Release (infostealer)
▸ Format: Python project (builder.py, install.py, junk.py, install_python.bat, builder.bat, requirements.txt)
▸ Price: Free (premium variant referenced separately)
Capabilities described in the post:
▪️ Steals saved passwords from browsers
▪️ Extracts banking and payment details
▪️ Targets email and social media account access
▪️ Gathers system and network information
▪️ Scans browsers for saved credentials and cookies
▪️ Extracts autofill data
▪️ Collects system fingerprints
▪️ Exfiltrates collected data to remote servers
▪️ Delivered via phishing emails, fake downloads, or cracked software bundles
Defender notes:
▪️ Monitor for suspicious Python interpreter installs and execution of unsigned .bat loaders on user endpoints
▪️ Hunt for unexpected browser credential store and cookie file access (Login Data, Cookies SQLite DBs in Chromium/Gecko profiles)
▪️ Restrict execution of scripts from user-writable paths via AppLocker/WDAC
▪️ Enforce browser password manager hardening or move users to enterprise SSO + MFA to reduce stealer payoff
▪️ Alert on outbound traffic to anomalous hosts shortly after first-run of new Python processes
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A user is distributing the source code of "Nimrod Stealer," an information-stealing tool described in the post as designed to harvest saved browser credentials, cookies, autofill data, and system fingerprints, with stolen data exfiltrated to remote servers. The package is shared as a Python-based builder with installer batch files and a README, alongside a contact pointer for a "premium" version.
Post details:
▸ Actor(s): sunshineking
▸ Sector: Malware / Offensive tooling
▸ Type: Source Code Release (infostealer)
▸ Format: Python project (builder.py, install.py, junk.py, install_python.bat, builder.bat, requirements.txt)
▸ Price: Free (premium variant referenced separately)
Capabilities described in the post:
▪️ Steals saved passwords from browsers
▪️ Extracts banking and payment details
▪️ Targets email and social media account access
▪️ Gathers system and network information
▪️ Scans browsers for saved credentials and cookies
▪️ Extracts autofill data
▪️ Collects system fingerprints
▪️ Exfiltrates collected data to remote servers
▪️ Delivered via phishing emails, fake downloads, or cracked software bundles
Defender notes:
▪️ Monitor for suspicious Python interpreter installs and execution of unsigned .bat loaders on user endpoints
▪️ Hunt for unexpected browser credential store and cookie file access (Login Data, Cookies SQLite DBs in Chromium/Gecko profiles)
▪️ Restrict execution of scripts from user-writable paths via AppLocker/WDAC
▪️ Enforce browser password manager hardening or move users to enterprise SSO + MFA to reduce stealer payoff
▪️ Alert on outbound traffic to anomalous hosts shortly after first-run of new Python processes
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
🔪 Slice For Life - Part 2 🔪
You may see a couple of old forum posts on the threat feed between now and Sunday. I'm testing a historical feed setup that is going to the current threat feed, before moving it to a different frontend. I should know more next week on when it will be available…
I am currently building the historical feed... both the platform frontend and the API endpoints that will get everything first. You still may see some very old posts on the current feed for testing.
Currently the threat feed alone is doing over 400 posts a day. My goal is to initially start with 1000 posts daily for the historical and ramp up to 2k and 3k+. Obviously this costs more money to do... so if you're interested think about subscribing to the platform or the API.
I hope to have all of the endpoints ready for the API by the end of this month and depending how that goes the historical feed will be ready shortly after that.
darkwebinformer.com/pricing
darkwebinformer.com/api-details
Currently the threat feed alone is doing over 400 posts a day. My goal is to initially start with 1000 posts daily for the historical and ramp up to 2k and 3k+. Obviously this costs more money to do... so if you're interested think about subscribing to the platform or the API.
I hope to have all of the endpoints ready for the API by the end of this month and depending how that goes the historical feed will be ready shortly after that.
darkwebinformer.com/pricing
darkwebinformer.com/api-details
Dark Web Informer
Subscribe - Dark Web Informer | Threat Intelligence Plans
Choose a plan for real-time threat intelligence from the dark web, deep web, and clearnet. Monitor breaches, leaks, ransomware, and threats as they happen.
🔥1
🔪 Slice For Life - Part 2 🔪 pinned «I am currently building the historical feed... both the platform frontend and the API endpoints that will get everything first. You still may see some very old posts on the current feed for testing. Currently the threat feed alone is doing over 400 posts…»
‼️ SAFEPAY Ransomware Claims 9 Victims
🇺🇸 jmige.com
🇺🇸 gingerichtrucking.com
🇪🇸 smp.cat
🇮🇹 soavegel.it
🇬🇧 globalmerchservices.com
🇮🇹 studioubertazzi.it
🇧🇪 ettp.be
🇩🇪 mbk-gmbh.de
🇩🇪 id-s.de
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
🇺🇸 jmige.com
🇺🇸 gingerichtrucking.com
🇪🇸 smp.cat
🇮🇹 soavegel.it
🇬🇧 globalmerchservices.com
🇮🇹 studioubertazzi.it
🇧🇪 ettp.be
🇩🇪 mbk-gmbh.de
🇩🇪 id-s.de
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇫🇷 NRJ Mobile allegedly leaked exposing 266K customer records from the French MVNO
A threat actor claims to have leaked a database from NRJ Mobile (nrjmobile.fr), a French mobile virtual network operator, releasing it for free under the hashtag #freebreach3d. The 266,345-record sample includes full customer profiles with banking identifiers (IBAN/BIC) and Freebox account references in JSONL format.
Post details:
▸ Actor(s): NormalLeVrai
▸ Sector: Telecommunications (MVNO)
▸ Type: Data Leak
▸ Format: JSONL
▸ Price: Free
▸ Records: 266,345
▸ Country: France
Compromised data:
▪️ Internal ID and customer code
▪️ Title, first name, last name
▪️ Email address
▪️ Phone numbers (primary and secondary)
▪️ Street address, postal code, city, country
▪️ Individual type
▪️ IBAN and BIC banking identifiers
▪️ Freebox ID
▪️ Account status (active/inactive)
▪️ Registration date
▪️ Retention offer flag and additional mobile loan flag
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a database from NRJ Mobile (nrjmobile.fr), a French mobile virtual network operator, releasing it for free under the hashtag #freebreach3d. The 266,345-record sample includes full customer profiles with banking identifiers (IBAN/BIC) and Freebox account references in JSONL format.
Post details:
▸ Actor(s): NormalLeVrai
▸ Sector: Telecommunications (MVNO)
▸ Type: Data Leak
▸ Format: JSONL
▸ Price: Free
▸ Records: 266,345
▸ Country: France
Compromised data:
▪️ Internal ID and customer code
▪️ Title, first name, last name
▪️ Email address
▪️ Phone numbers (primary and secondary)
▪️ Street address, postal code, city, country
▪️ Individual type
▪️ IBAN and BIC banking identifiers
▪️ Freebox ID
▪️ Account status (active/inactive)
▪️ Registration date
▪️ Retention offer flag and additional mobile loan flag
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇧🇷 TransmiteNota allegedly leaked exposing 20 million records from the Brazilian e-invoicing platform
A forum moderator claims to have leaked a SQL database from app3.transmitenota.com.br, a Brazilian electronic invoicing service, with the dump dated May 1, 2026. The leak reportedly contains 20,151,364 rows and 141,000 emails, with samples showing personal and corporate contact records including individual names and registered businesses.
Post details:
▸ Actor(s): Tanaka
▸ Sector: Finance / SaaS (e-invoicing / nota fiscal)
▸ Type: Data Leak
▸ Format: SQL
▸ Price: Free (reply-gated)
▸ Records: 20,151,364 rows, 141,000 emails
▸ Country: Brazil
▸ Original leak date: 01/05/2026
Compromised data:
▪️ Record ID
▪️ Full names (individuals)
▪️ Company names (LTDA / corporate registrations)
▪️ Phone numbers
▪️ Email addresses
▪️ Internal system reference codes
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A forum moderator claims to have leaked a SQL database from app3.transmitenota.com.br, a Brazilian electronic invoicing service, with the dump dated May 1, 2026. The leak reportedly contains 20,151,364 rows and 141,000 emails, with samples showing personal and corporate contact records including individual names and registered businesses.
Post details:
▸ Actor(s): Tanaka
▸ Sector: Finance / SaaS (e-invoicing / nota fiscal)
▸ Type: Data Leak
▸ Format: SQL
▸ Price: Free (reply-gated)
▸ Records: 20,151,364 rows, 141,000 emails
▸ Country: Brazil
▸ Original leak date: 01/05/2026
Compromised data:
▪️ Record ID
▪️ Full names (individuals)
▪️ Company names (LTDA / corporate registrations)
▪️ Phone numbers
▪️ Email addresses
▪️ Internal system reference codes
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
‼️🇫🇷 Leroy Merlin France allegedly leaked exposing 367,462 loyalty program records
A threat actor claims to be selling a freshly scraped database from Leroy Merlin France, clarifying that it is not a full store dump but rather a dump from one of the retailer's loyalty ("outil de fidelité") tools, and is being marketed as premium, unprocessed, and not previously circulated. The package contains a single file with detailed customer profiles including loyalty card data, addresses, and account metadata.
Post details:
▸ Actor(s): Lagui
▸ Sector: Retail (home improvement)
▸ Type: Data Sale
▸ Format: 1 file (JSON), 367,462 entries
▸ Price: Negotiable (escrow accepted)
▸ Records: 367,462
▸ Country: France
▸ Date: 06/05/2026
Compromised data:
▪️ Internal ID, login, civility, birth date
▪️ First name and last name
▪️ Email addresses (primary and login)
▪️ Phone numbers
▪️ Multiple addresses (building, street number, street, city, postal code, country, province)
▪️ Loyalty card number and barcode
▪️ Loyalty status, points, expiration, validity dates
▪️ Reward and burn status, vouchers, badges
▪️ Co-owners and partner platform access flags
▪️ Web account status, last login, login count
▪️ Marital status, number of children, store code
▪️ Account creation date and migration state
▪️ Administrative identifiers and moving date
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be selling a freshly scraped database from Leroy Merlin France, clarifying that it is not a full store dump but rather a dump from one of the retailer's loyalty ("outil de fidelité") tools, and is being marketed as premium, unprocessed, and not previously circulated. The package contains a single file with detailed customer profiles including loyalty card data, addresses, and account metadata.
Post details:
▸ Actor(s): Lagui
▸ Sector: Retail (home improvement)
▸ Type: Data Sale
▸ Format: 1 file (JSON), 367,462 entries
▸ Price: Negotiable (escrow accepted)
▸ Records: 367,462
▸ Country: France
▸ Date: 06/05/2026
Compromised data:
▪️ Internal ID, login, civility, birth date
▪️ First name and last name
▪️ Email addresses (primary and login)
▪️ Phone numbers
▪️ Multiple addresses (building, street number, street, city, postal code, country, province)
▪️ Loyalty card number and barcode
▪️ Loyalty status, points, expiration, validity dates
▪️ Reward and burn status, vouchers, badges
▪️ Co-owners and partner platform access flags
▪️ Web account status, last login, login count
▪️ Marital status, number of children, store code
▪️ Account creation date and migration state
▪️ Administrative identifiers and moving date
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Systemd Backdoor: A simple script to automate systemd backdoor
GitHub: https://github.com/MatheuZSecurity/systemd-backdoor/
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
GitHub: https://github.com/MatheuZSecurity/systemd-backdoor/
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
😈1
🚨Marlon Ferro, who went by the online handle "GothFerrari," has been sentenced to 6.5 years in federal prison for his involvement in the Malone Lam heist, a crypto theft that netted more than $250 million. He was also ordered to pay $2.5 Million in restitution.
https://www.justice.gov/usao-dc/pr/gothferrari-sentenced-78-months-prison-role-massive-cryptocurrency-heist
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
https://www.justice.gov/usao-dc/pr/gothferrari-sentenced-78-months-prison-role-massive-cryptocurrency-heist
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
www.justice.gov
‘GothFerrari’ Sentenced to 78 Months in Prison for Role in Massive
Marlon Ferro, 20, of Santa Ana, California, was sentenced today in U.S. District Court to 78 months in prison in connection with his role in a sprawling social engineering conspiracy that stole well over $250 million in cryptocurrency from victims across…
‼️ New Dark Web Informer Blog Post!
Title: Daily Dose of Dark Web Informer - May 6th, 2026
Link: https://darkwebinformer.com/daily-dose-of-dark-web-informer-may-6th-2026/
Title: Daily Dose of Dark Web Informer - May 6th, 2026
Link: https://darkwebinformer.com/daily-dose-of-dark-web-informer-may-6th-2026/
Dark Web Informer
Daily Dose of Dark Web Informer - May 6th, 2026
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
‼️ New Dark Web Informer Blog Post!
Title: Indonesia’s Ministry of Energy and Mineral Resources (ESDM) allegedly leaked exposing fuel oil distributor records
Link: https://darkwebinformer.com/indonesias-ministry-of-energy-and-mineral-resources-esdm-allegedly-leaked-exposing-fuel-oil-distributor-records/
Title: Indonesia’s Ministry of Energy and Mineral Resources (ESDM) allegedly leaked exposing fuel oil distributor records
Link: https://darkwebinformer.com/indonesias-ministry-of-energy-and-mineral-resources-esdm-allegedly-leaked-exposing-fuel-oil-distributor-records/
Dark Web Informer
Indonesia’s Ministry of Energy and Mineral Resources (ESDM) Allegedly Leaked Exposing Fuel Oil Distributor Records
A threat actor claims to have leaked a database from Indonesia’s Ministry of Energy and Mineral Resources (Kementerian ESDM), specifically the list of distributors for general commercial business entities of fuel oil for the second semester of 2025