IntelBroker Claims Access to Two Fortune 500 Companies

🔐 A major data breach has exposed critical infrastructure at two multi-billion dollar companies. Find out how IntelBroker pulled it off and what it means for the cybersecurity landscape.

IntelBroker Claims Access to Two Fortune 500 Companies
IntelBroker Claims Access to Two Fortune 500 Companies

In a recent incident that has sent shockwaves through the cybersecurity community, a notorious figure known as IntelBroker has claimed to have gained unauthorized access to the systems of two major companies with combined revenues exceeding $120 billion. The companies in question remain unnamed, but their vast financial influence suggests they are significant players in their respective industries. According to IntelBroker’s post on the dark web forum BreachForums, Company #1 reports annual revenues of $25 billion, while Company #2 boasts an even more staggering $95 billion in revenue.

IntelBroker is a well-known figure in the underground hacking community, particularly on BreachForums, a platform notorious for the sale and exchange of stolen data, hacking tools, and other illegal digital services. This post marks yet another bold move by IntelBroker, who has been involved in numerous high-profile data breaches in recent years.

Breach Details

The breach involves access to critical infrastructure and highly sensitive information. IntelBroker’s post specifically mentions the following assets as being compromised:

  • Bitbucket: A Git-based source code repository hosting service owned by Atlassian, frequently used for version control and collaboration on software development.
  • AWS S3 (Amazon Web Services Simple Storage Service): A popular cloud storage service used by countless businesses to store and retrieve large amounts of data, often including sensitive or proprietary information.
  • AWS Cognito: A service that provides authentication, authorization, and user management for web and mobile apps.
  • SSH (Secure Shell): A cryptographic network protocol used for operating network services securely over an unsecured network.
  • Software Signing Keys: These are cryptographic keys used to digitally sign software to ensure its authenticity and integrity.
  • Certificates & AWS API Access: Likely involving SSL/TLS certificates and programmatic access to AWS services, potentially enabling further exploitation of the compromised systems.

IntelBroker has explicitly stated that they are only entertaining offers from individuals with a certain level of reputation within the BreachForums community, signaling the seriousness and potential value of the compromised data. This one-time sale offers a rare glimpse into the black market for corporate data breaches, where access to this level of information could lead to significant financial and operational damage.

Threat Actor Profile: IntelBroker

IntelBroker is a notorious figure in the cybercriminal underworld, operating as the owner and primary operator of BreachForums. The forum itself is a successor to similar platforms that have been taken down by law enforcement in the past, such as RaidForums. IntelBroker has been implicated in several major breaches, where the individual or group has specialized in obtaining and selling access to highly sensitive corporate data.

IntelBroker is known for their methodical approach to breaches, often targeting large corporations with valuable data, and for their ability to maintain a veil of anonymity while engaging with potential buyers in the dark web’s most secretive corners.

Coins by Cryptorank