bishik77, a member of the forum Exploit, is selling access to the network of a U.S. car dealership and service organization with more than $44 million in annual revenue and 1,000 PCs for $1,000. According to the actor, the network was compromised with an unspecified remote access trojan (RAT). The actor also stated that they will help potential buyers to upload PowerShell or WebShell scripts.
Nuspire recommends that organizations:
– Utilize Next-Gen Anti-Virus with heuristics and behavioral analysis
– Only download apps and software from sources you can trust
– Do not click on links or attachments within unexpected or suspicious emails
– Avoid clicking suspicious web links, pop-ups, or dialogue boxes from websites