‼️ A threat actor is allegedly selling Active Directory Dumper & VPN Checker v2.0, a centrali...

Summary

A threat actor known as Snow is marketing Active Directory Dumper & VPN Checker v2.0, a reconnaissance and credential validation toolkit, on a cybercrime forum starting at $1,000. The tool enables attackers to enumerate Active Directory environments and validate VPN credentials for lateral movement and persistence. This represents a commoditization of post-compromise reconnaissance capabilities commonly used in enterprise breach chains.

Indicators of Compromise

• malware — Active Directory Dumper & VPN Checker v2.0

Entities