‼️🇵🇸 A post on a popular cybercrime forum is auctioning shell access to a Palestinian ISP/MSP t...

Summary

A cybercrime forum post is offering shell access to a Palestinian ISP/MSP providing data center, VPN, VoIP, and FTTB services. The attacker claims SYSTEM-level privileges on a domain-joined Windows machine in the victim's Active Directory, potentially giving buyers full control of critical infrastructure. This represents a significant supply-chain risk given the ISP's role as a service provider to downstream customers.

Indicators of Compromise

• malware — shell access to Palestinian ISP/MSP