🔴FiveWest Platform Falls Victim to BLACKNET-00🔴
About the Platform:
FiveWest is a financial platform offering electronic payment services and money transfers dealing with companies and institutions across various sectors
❤2
infrastructure destruction squad
Photo
🔴FiveWest Platform Falls Victim to BLACKNET-00🔴
About the Platform:
FiveWest is a financial platform offering electronic payment services and money transfers dealing with companies and institutions across various sectors
Breach Details:
The platform's systems were compromised and a large volume of sensitive files was exfiltrated. The stolen data includes KYC and KYB documents for over 500 corporate clients, such as certificates of incorporation founding agreements and shareholder registers along with passports national IDs and driving licenses of directors and shareholders Also exposed are detailed bank statements revealing fund movements and transactions lease agreements anti-money laundering policies and financial licenses Notable leaked files include the incorporation memorandum of INFOSEC CYBER OPERATIONS a Kenyan driving license belonging to DERICK ANDREW Nedbank statements showing high-value transactions a South African ID for SILAS THEODORE HOWARTH Bidorbuy account documents Nigerian electricity bills cryptocurrency wallet documents worth $220,000 and KYC records for multiple companies including Palmpay PU Prime and Tibi Cashier
Scope of Impact:
This data leak exposes the platform to significant financial and legal liabilities alongside a severe loss of client and partner trust
👍2
infrastructure destruction squad
Photo
🔴 FOR SALE Full Access to SriLankan Airlines Network 🔴
Hello we are offering full internal network access to SriLankan Airlines the national carrier of Sri Lanka
Complete access to all systems including FTP PRTG RDP Intranet OWA IMAP Moodle E Learning Platform all discovered passwords for all systems SSL certificate files internal software installation files operational and training documentation flight management system operations management system airport and ground handling operations system main company database internal rating system system logs and log files internal email files station and aircraft maintenance manual list of approved stations and maintenance agents employee information and staff numbers supplier contracts and commercial agreements flight schedules and operations data server and device access permissions complete internal network map sensitive configuration and settings files Remote Desktop Protocol in full aircraft engine maintenance reports Pratt and Whitney IAE V2500 confidential technical documents for engine components Line Station Handling Manual emergency and fault handling procedures AOG Spares Procedures list of approved maintenance agents quality and safety audit records complete PRTG monitoring system information PRTG login credentials PRTG support tickets contact information for system administrators technical reports on engine faults photographs of damaged engine parts precise VSV clearance measurements engine performance data tables N2 EPR airworthiness certificates FAA Z3EY983Y names of maintenance engineers Mick Quirke Chris Grosvenor Ian Carmichael and the company information security policy documents
Price $50000 USD Bitcoin Only Payment Bitcoin BTC only Contact @blacknetransom
A major fraud case has recently occurred at SriLankan Airlines where a huge sum of 974,000 UAE dirhams was paid through a compromised email service provider, in addition to the embezzlement of 22 million Indian rupees from its Chennai office This confirms that large corporations are not immune to cyberattacks but rather are easy targets for those who possess the right tools and expertise
We will also demand a similar financial ransom which must be paid within a specified deadline otherwise we will leak sensitive data or completely disable their systems
❤1
🔴The internal network of Libyan Airlines has been fully compromised and we have gained complete control over the entire network infrastructure We successfully breached the main MikroTik RouterOS device belonging to the company which is located at Mitiga International Airport in Tripoli We gained access to all its settings and subsystems including employee and customer PPPoE accounts DHCP servers routing tables firewall rules Hotspot configurations as well as system logs containing login and logout data for all users
❤1
infrastructure destruction squad
Photo
The internal network of Libyan Airlines has been fully compromised and we have gained complete control over the entire network infrastructure We successfully breached the primary MikroTik RouterOS device belonging to the company located at Mitiga International Airport in Tripoli and gained access to all of its configurations and subsystems including employee and customer PPPoE accounts DHCP servers routing tables firewall rules Hotspot settings and system logs containing login and logout data for all users We also exploited a security vulnerability in the SNMP protocol which was openly accessible on port 161 without any protection allowing us to collect sensitive device information such as uptime firmware version and the device name which was labeled Libyan Airlines Mittiga Airport Telecom confirming that the device is located at Mitiga International Airport in Tripoli and belongs to Libyan Airlines
We have taken control of over 600 active devices connected to the network including smartphones tablets laptops and desktop computers belonging to company employees and various departments We identified 18 active PPPoE sessions under different usernames and have been monitoring incoming and outgoing data traffic analyzing data packets passing through the network and gaining access to sensitive information such as emails login credentials internal documents and administrative correspondence Additionally we have the ability to add delete or modify internet accounts change passwords and adjust permissions giving us full control over the network and data flow allowing us to spy on users intercept information redirect traffic and even shut down the network completely or redirect users to fake websites to collect more data or carry out phishing attacks
We have compromised over 2500 accounts within the companys internal network including employee accounts administrative accounts customer accounts email accounts internal system access accounts VPN accounts Hotspot accounts and PPPoE accounts all of which are now under our full control
Furthermore we have successfully compromised additional new accounts with over 6000 additional accounts discovered and documented during the breach These newly discovered accounts include internet accounts with various speeds 3 Mbps 4 Mbps 5 Mbps 7 Mbps 10 Mbps remote access accounts hidden administrative accounts test accounts and backup accounts All of these accounts were protected by extremely weak passwords or in many cases the password was identical to the username which greatly facilitated our access and compromise
We can exploit these new and discovered accounts in multiple dangerous ways including using employee accounts to access internal email and confidential correspondence reading all messages and sending forged emails under the name of senior management to spread misinformation or cause administrative damage We can also use customer accounts to access their personal data including phone numbers email addresses payment details and sensitive information allowing us to carry out fraud and identity theft attacks
We can also take control of VPN accounts to access other internal networks connected to the company such as other airport networks booking systems aviation networks and ground handling systems potentially leading to the compromise of the entire aviation system We can exploit PPPoE accounts to change users internet settings redirect traffic to our servers collect and analyze data for espionage or hacking purposes and use administrative accounts to modify security settings disable protection systems create new vulnerabilities and leave backdoors to ensure continued control even after the breach is discovered
We can also exploit Hotspot accounts to distribute unauthorized internet connections sell them to third parties or use them to launch cyberattacks from within the network making them difficult to trace We can leak sensitive company data including financial information employment contracts passenger data flight information and operational data to the media competitors or hostile
infrastructure destruction squad
Photo
entities and gradually disable the companys internal systems to avoid detection potentially paralyzing company operations disrupting flights canceling bookings and causing massive financial losses
Additionally we can carry out targeted phishing attacks against employees and senior management to gather more sensitive information and passwords expand the scope of the breach to include other systems outside the company and deploy malware and ransomware within the internal network encrypting vital data and demanding a huge ransom to restore systems and decrypt files We can monitor employee and management activity in real time collecting information about their movements communications and relationships which we can use to pressure or blackmail them
Furthermore we can use administrative accounts to issue forged orders for fund transfers move money to external accounts or falsify invoices and contracts resulting in massive financial losses for the company We can also use the compromised network to create a botnet of infected devices to launch DDoS attacks on government banking or media targets within Libya and abroad and sell stolen data and login credentials on the black market to hackers competitors or hostile entities generating huge financial profits at the expense of the companys security
We can also alter flight paths cancel flights or cause deliberate delays to create chaos and confusion at Mitiga International Airport damaging the companys reputation We can infiltrate the airports CCTV systems and access surveillance cameras allowing us to monitor passenger and employee movements and gather intelligence about the airport We can also use customer accounts to purchase flight tickets using their stolen data causing financial losses to customers and damaging their reputations
All of these newly discovered and compromised accounts give us unprecedented control over one of Libyas most critical facilities We are now in a position to decide how to exploit this breach whether for financial political intelligence or even reputational damage purposes At any moment we can completely shut down the service leak sensitive data or use the network as a platform to launch cyberattacks on other targets making this breach one of the most dangerous attacks a national airline could ever face and placing the entire future of the company in our hands
infrastructure destruction squad
🔴The internal network of Libyan Airlines has been fully compromised and we have gained complete control over the entire network infrastructure We successfully breached the main MikroTik RouterOS device belonging to the company which is located at Mitiga International…
This is a complete large network, and we haven't shown you the rest of the data We now have an entire internal network under our control and we have the ability to sell this network with all its details including all passwords access permissions routing settings user accounts backups and system logs
We offer for buyers a complete and ready-to-exploit network with the necessary technical support to use it for any purpose
To contact and negotiate you can reach us through our dedicated account:
📩 @blacknetransom
Time is limited and the data is waiting for whoever pays the right price
❤2
infrastructure destruction squad
🔴 PRTG System Breach Update 🔴 ✅ We have successfully gained access to the PRTG system! Our team has successfully breached the PRTG Network Monitor system used by SriLankan Airlines, which is responsible for monitoring all servers, devices, and the entire…
Media is too big
VIEW IN TELEGRAM
This is a monitoring server dashboard related to SriLankan Airlines running the PRTG Network Monitor system which is used by SriLankan Airlines to oversee all servers devices, and the entire internal network.
This video was recorded at the time the servers were breached.
These servers have now been shut down by SriLankan Airlines after they became aware of the intrusion
❤1