Culinda, a prominent cybersecurity firm, has recently been thrust into the spotlight due to a significant data leak. The source code for one of its key tools, DarkEyeScan, has been posted on a notorious hacking forum, BreachForums, by a user named IntelBroker. This event marks a concerning moment for the company, which is renowned for its contributions to cybersecurity, especially in the area of automated penetration testing.
Company Overview
Culinda is a well-established player in the cybersecurity sector, specializing in developing advanced tools and solutions to protect networks and domains. The firm has gained recognition for its innovative approach to automated penetration testing, making its products, such as DarkEyeScan, critical to the security infrastructure of many organizations.
DarkEyeScan is one of Culinda's flagship products, designed to streamline the penetration testing process by automating the identification of vulnerabilities across networks and domains. This tool is vital for many organizations, as it helps them proactively identify and mitigate security risks before they can be exploited by malicious actors.
Breach Details
On January 20, 2024, at approximately 4:33 AM, a post was made on BreachForums by IntelBroker, the forum's owner, revealing that the source code for DarkEyeScan had been leaked. The post contained a direct download link to the source code, making it accessible to anyone with access to the forum. This leak is particularly concerning as it exposes the inner workings of a powerful cybersecurity tool, potentially enabling malicious actors to exploit its vulnerabilities or create similar tools for nefarious purposes.
Threat Actor Profile
The individual behind this leak, IntelBroker, is a well-known figure in the cybercriminal community. As the owner of BreachForums, IntelBroker has a reputation for distributing stolen data and leaking sensitive information. BreachForums itself is a hub for hackers and cybercriminals, where users share and trade stolen data, malware, and hacking tools. The forum has been linked to numerous high-profile data breaches and is closely monitored by law enforcement agencies worldwide.