05-09-2024, 11:05 AM
News (SOLD) IntelBroker Traded $20K Crypto For Alleged Unauthorized Cybersecurity Co
<p><img width="1000" height="633" src="https://thecyberexpress.com/wp-content/uploads/Zscaler-data-breach-e1715241591769.webp" class="attachment-post-thumbnail size-post-thumbnail wp-post-image" alt="Zscaler data breach" decoding="async" srcset="https://thecyberexpress.com/wp-content/uploads/Zscaler-data-breach-e1715241591769.webp 1000w, https://thecyberexpress.com/wp-content/u...0x190.webp 300w, https://thecyberexpress.com/wp-content/u...8x486.webp 768w, https://thecyberexpress.com/wp-content/u...0x380.webp 600w, https://thecyberexpress.com/wp-content/u...50x95.webp 150w, https://thecyberexpress.com/wp-content/u...0x475.webp 750w" sizes="(max-width: 1000px) 100vw, 1000px" /></p><span style="font-weight: 400;">IntelBroker has asserted a massive breach and has now sold access to </span><span style="font-weight: 400;">a cybersecurity entity with annual revenue of USD 1.8 billion. The threat actor traded the access to an unknown entity on a dark web forum for USD 20,000 in XMR or ETH. </span>
<span style="font-weight: 400;">The initial offer touted access to a trove of sensitive information, including SSL keys, SMTP access, PAuth/Pointer Authentication, and various login credentials. Despite the lack of concrete evidence, a conversation surfaced on social media platforms purportedly involving IntelBroker, further fueling speculation. </span>
<span style="font-weight: 400;">While the forum post rumors hinted at the US-based <a href="https://thecyberexpress.com/the-best-practices-of-a-successful-migration/" target="_blank" rel="noopener" data-wpil-monitor-id="3584">cloud security</a> giant, Zscaler Inc., the actual target remains unconfirmed due to the absence of corroborating proof. However, Zscaler's recent security update on its website hints at a possible connection between the two <a class="wpil_keyword_link" title="events" href="https://thecyberexpress.com/cyber-security-events/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3575">events</a>. </span>
<h3><span style="font-weight: 400;">Alleged Zscaler Data Breach Threatens the Cybersecurity Community</span></h3>
<img class="wp-image-67457 size-full" src="https://thecyberexpress.com/wp-content/uploads/Zscaler-data-breach-1.webp" alt="a screenshot of a computer" width="1765" height="625" /> Source: <a class="wpil_keyword_link" title="Dark Web" href="https://thecyberexpress.com/what-is-the-dark-web/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3576">Dark Web</a>
<span style="font-weight: 400;">The gravity of the alleged Zscaler <a class="wpil_keyword_link" title="data" href="https://thecyberexpress.com/what-is-data/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3577">data</a> breach escalated when rumors emerged surrounding a possible breach within the organization's infrastructure. Allegations circulated that a <a href="https://thecyberexpress.com/cactus-cyber-attack-latest-victim-update/" target="_blank" rel="noopener" data-wpil-monitor-id="3578">threat actor</a> was peddling access to the company's systems. In response, Zscaler swiftly took its "<a href="https://trust.zscaler.com/zscaler.net/posts/18686" target="_blank" rel="nofollow noopener">test environment</a>" offline for analysis, aiming to ascertain the authenticity of the claims.</span>
However, the current update from the <a href="https://thecyberexpress.com/hsbc-bank-data-breach-barclays/" target="_blank" rel="noopener">hacker</a> stated that the unauthorized access has now been sold. Apart from the update, no further information was provided on the receiver who allegedly purchased the unauthorized access for USD 20,000.
Zscaler has <a href="https://thecyberexpress.com/critical-security-flaw-javascript-library-vm2/" target="_blank" rel="noopener" data-wpil-monitor-id="3579">updated its security</a> page, stating, "<span style="font-weight: 400;">Zscaler continues to investigate and reiterates there is no impact or compromise to our customer, production, and corporate environments. During the afternoon of May 8, we engaged a reputable <a href="https://thecyberexpress.com/effective-api-security-strategy/" target="_blank" rel="noopener" data-wpil-monitor-id="3585">incident response</a> firm that initiated an independent investigation. We continue to monitor the situation and will provide additional updates through the completion of the investigation".</span>
<img class="wp-image-67460 size-full" src="https://thecyberexpress.com/wp-content/uploads/Zscaler-data-breach-update.webp" alt="Zscaler data breach update" width="1330" height="552" /> Source: Zscaler
<span style="font-weight: 400;">Initially, Zscaler reassured stakeholders that its investigation yielded no evidence of compromise within its customer or production environments. However, concerns persisted as discussions around the purported Zscaler data breach proliferated online. Users on various platforms debated the authenticity of the claims, with some expressing skepticism while others confirmed that the breached organization is the <a class="wpil_keyword_link" title="cybersecurity" href="https://thecyberexpress.com/what-is-cybersecurity/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3573">cybersecurity</a> giant.</span>
<h3><span style="font-weight: 400;">Zscaler Responds to the Alleged Breach Claims </span></h3>
<span style="font-weight: 400;">Amid the uncertainty, Zscaler remained positive, emphasizing its commitment to safeguarding customer and production environments. Updates from Zscaler's Trust site reiterated their dedication to thorough <a href="https://thecyberexpress.com/cyberattack-on-nexperia-confirmed/" target="_blank" rel="noopener">investigation</a> and transparency. While it confirmed the discovery of an isolated test environment exposed to the internet, they highlighted its lack of connectivity to critical systems and absence of customer data.</span>
<span style="font-weight: 400;">Talking about the rumors, Zscaler stated that the organization is aware of the claims and they are currently investigating the data. “Zscaler is aware of a public X (formerly known as Twitter) post by a threat actor claiming to have potentially obtained unauthorized information from a cybersecurity company. There is an <a href="https://thecyberexpress.com/northern-light-health-cyberattack-update/" target="_blank" rel="noopener" data-wpil-monitor-id="3586">ongoing investigation</a> we initiated immediately after learning about the claims. We take every potential threat and claim very seriously and will continue our rigorous investigation”, added Zscaler. </span>
<h3><span style="font-weight: 400;">Who is IntelBroker?</span></h3>
https://www.youtube.com/watch?v=wXuurLlu25I
IntelBroker is a solo <a class="wpil_keyword_link" title="hacker" href="https://thecyberexpress.com/what-is-a-hacker/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3574">hacker</a> who gained infamy in 2023 for breaching Weee! and leaking the data of 11M customers. Allegations hint at a connection to Iranian state entities, though IntelBroker denies this, claiming to be an independent actor from Serbia.
The hacker's focus on <a href="https://thecyberexpress.com/lockheed-martin-cyber-attack-turk-hack-team/" target="_blank" rel="noopener" data-wpil-monitor-id="3582">US defense</a> suggests state cooperation. In an <a href="https://thecyberexpress.com/intelbroker-interview-exclusive/" target="_blank" rel="noopener">exclusive interview</a> with <a href="https://thecyberexpress.com/" target="_blank" rel="noopener">The Cyber Express</a>, the hacker shared information about these operations and himself as a person. Instead of being a full-fledged member of a <a href="https://thecyberexpress.com/royal-ransomware-group-evans-consoles-breach/" target="_blank" rel="noopener" data-wpil-monitor-id="3580">ransomware group</a>, IntelBroker has been working alone but has collaborated with other hackers in the industry.
IntelBroker's targets span national security, government, <a href="https://thecyberexpress.com/cease-and-desist-critical-infrastructure-attacks/" target="_blank" rel="noopener" data-wpil-monitor-id="3581">critical infrastructure</a>, and commerce sectors, executing extensive data breaches without traditional ransomware tactics. The hacker's methods include exploiting <a class="wpil_keyword_link" title="vulnerabilities" href="https://thecyberexpress.com/what-are-vulnerabilities/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3572">vulnerabilities</a> and utilizing the "Endurance-wiper" tool.
Transactions predominantly occur in XMR <a href="https://thecyberexpress.com/lummac2-stealer-browsers-crypto-wallet-data/" target="_blank" rel="noopener" data-wpil-monitor-id="3583">cryptocurrency</a>, ensuring anonymity. The hacker's breaches extend to companies like Razer, AT&T, and Verizon, sparking debates on corporate <a href="https://thecyberexpress.com/singapore-cybersecurity-practices-crtf/" target="_blank" rel="noopener">cybersecurity practices</a>. Despite lucrative gains, IntelBroker advocates transparency in reporting breaches to maintain credibility.
<span style="color: #ff0000;"><i><span style="font-weight: 400;">Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. <a style="color: #ff0000;" href="https://thecyberexpress.com/" target="_blank" rel="noopener">The Cyber Express</a> assumes no liability for the accuracy or consequences of using this information.</span></i></span>
https://thecyberexpress.com/alleged-zsca...ta-breach/