An initial access broker claims to have hacked Deutsche Bank

An initial access broker claims to have hacked Deutsche Bank and is offering access to its systems for sale on Telegram.

A threat actor (0x_dump) claims to have hacked the multinational investment bank Deutsche Bank and is offering access to its network for sale online.

The security researcher Dominic Alvieri was one of the first experts to report the announcement published by the initial access broker on Telegram.

The IAB claims to have access to around 21000 machines in the bank’s network, most of which are Windows systems. It also claims that the compromised machines were protected with a Symantec EDR solution.

“FTP , Shells , root , SQL-inj, DB, Servers.. We selling another network accss of a particular Bank, internal network ,we have DA, domain has around 21k machines configured most being windows Edr of machines are Symantec . Also internal network filters TCP,UDP,HTTP & HTTPS . Employees communicate between office chats services, there is file servers with more that 16TB of internal Data including share folder for every usr on the network & They also have flexcube DB.. We can provide VDI & VPN + all passwords of domain dump (with DA usr’s) Their funds is in B$ Price 7.5BTC We will request for proof that one can afford to avoid time wasters etc…” reads the announcement.

The seller said to have had access to the chat services used for internal communications, he also claimed to have access to file servers containing 16 terabytes of data.

The IAB is offering access to the Deutsche Bank 7.5 Bitcoin, worth approximately $156,274.

The seller added that he is receiving a lot of requests for this offer:

“We are getting a lot of requests and it’s hard to filter out fake buyers so we ask for proof you can afford it or (share with us your @ on forums (we recommend we’ll known individuals for us to work easily)” added the seller.

Alvieri speculates that the IAB is the same broker who recently offered for sale access to the systems of the Australian health insurance Medibank.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Deutsche Bank)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.