‼️🇬🇧 A threat actor is auctioning full admin access and shell access to a UK-based WordPress/Sh...
A threat actor is publicly auctioning full admin and shell access to a UK-based WordPress/Shopify e-commerce store with nearly 2,900 historical orders and an active payment processing pipeline. The compromised store processes significant transaction volume (79 orders in March alone) and uses IFRAME-based payment forms, likely exposing customer payment data to the attacker.
Summary
A threat actor is publicly auctioning full admin and shell access to a UK-based WordPress/Shopify e-commerce store with nearly 2,900 historical orders and an active payment processing pipeline. The compromised store processes significant transaction volume (79 orders in March alone) and uses IFRAME-based payment forms, likely exposing customer payment data to the attacker.