A dark web actor has allegedly proposed the Telecom Argentina access sale for $100 on a hacking forum. According to the threat actor’s post, interested buyers can acquire access enabling them to query personal information tied to individuals in Argentina.
This includes details on services registered under their names, such as routers, with access to data like Public IP and Private IP addresses. While these claims remain unverified, the actor asserts the authenticity of the Telecom Argentina access sale with multiple samples.
Alleged Telecom Argentina Access Sale on Hacking Forum
The sample data provided by the threat actor further illustrates the depth of information potentially accessible through this Alleged Telecom Argentina breach, including customer names, addresses, device identifiers, and network configurations.
The Cyber Express has reached out to the organization to learn more about this alleged Telecom Argentina cyberattack. However, at the time of writing this, no official statement or response has been received, leaving the claims for the Telecom Argentina access sale on the dark web stand unverified.
Access to sensitive platforms and networks often finds a marketplace on the dark web, where compromised data and credentials are traded. Pricing typically varies based on the level of access and the significance of the compromised information.
Sample Data Reveals Extent of Alleged Telecom Argentina Breach
The data shared by the threat actor in the sample comprise various pieces of information, each potentially originating from distinct documents or sources. In the first excerpt, personal details such as identification numbers and addresses are presented, suggesting a formal document or record.
The second segment appears to be diagnostic data, possibly associated with customer service or technical support, including customer names, addresses, and technical specifications like MAC addresses and timestamps.
Following that, the third snippet contains technical details about a product or service, featuring IP addresses, firmware versions, and hardware identifiers, indicative of network or technical support documentation.
The fourth excerpt references video-related information, specifically mentioning a “DECO FULL IP” and asserting the absence of detected issues, which could pertain to a video streaming service or surveillance system.
Finally, the fifth segment solely presents an IP address, likely part of network configuration or logging data. In summary, these excerpts collectively suggest involvement in technical monitoring, network management, or diagnostics within a system or service context.
The 2020 Telecom Argentina Cyberattack
Interestingly, this purported breach echoes a similar incident in 2020 when Telecom Argentina fell victim to a ransomware attack. The attack, discovered on July 18, 2020, affected over 18,000 internal systems, including critical software like customer relationship management (CRM) systems. The attackers, reportedly identified as the ReVIL group, demanded a ransom of $7.5 million in Monero cryptocurrency.
Commencing in the early hours of July 18, 2020, the Telecom Argentina cyberattack unfolded with the intrusion reaching over 18,000 internal systems. Among the affected targets were CRM software and essential corporate infrastructure. Despite the severity of the breach, there were no reported disruptions to internet or telecommunication services.
The ransom demand posed a substantial figure, totaling approximately $7.5 million. Moreover, it is still unclear if the 2020 cyberattack and Telecom Argentina access sale are related since the current one requires verification from the organization. This is an ongoing story and The Cyber Express will be closely monitoring the situation. We’ll update this post once we have more information on the alleged sale or any official confirmation.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
