#Hacker vende acceso aliclik
Old credentials from an Infostealer infection enabled a senstive government account takeover
A hacker is selling admin access to Argentina's Ministry of Interior via Cisco Umbrella.
According to the database of cybercrime Intelligence firm, Hudson Rock, the login very likely originates from a 2022 Infostealing malware infection of an Argentinian computer that used the credentials "[admin@mininterior.gov.ar](mailto:admin@mininterior.gov.ar)" to sign into login.umbrella.com (matching the images that are shown by the hacker)- Reset old passwords.
I reported this to Cisco's CSIRT & Umbrella, hope they answer & fix quickly.
Images from the hacker's thread –
Image from Hudson Rock's platform showing an infection of an Argentinian computer, the infection is very old (2022) but the credentials apparently still worked
[matched_content]
Totally normal, we have leaks and security vulnerabilities all around since like forever. Giving information to the gov here is like posting it on facebook on a public profile or smth.
But what can you even do with that?
Yeah we are used to it, don’t worry, nothing ever happens
Selling?
But it’s free!