The notorious hacker peddling an alleged cache of stolen data from General Electric (GE) claims to have successfully unloaded the ill-gotten stash.
The bad actor – who goes by the moniker IntelBroker – first advertised the GE trove for $500 on the popular online hacker marketplace, BreachedForums.com, on November 19th.
“Hello. I am selling access to some development and software pipelines belonging to General Electrics. Price is set to $500 currently, so if you're interested, message me,” the hacker posted in the forum’s “Sellers Place.”
Apparently, since there were no takers, IntelBroker relisted the advertisement a few days later in the Leaked section of the forum with much better results.
While all this was going on at BreachedForums, GE found out about the posts and has since launched an investigation into the allegations.
“We are aware of claims made by a bad actor regarding GE data and are investigating these claims," a GE spokesperson told Cybernews.
“Business operations are not impacted, and we will continue to take appropriate measures to help protect the integrity of our systems,” the spokesperson said.
GE has not confirmed or denied that any cyberattack actually took place.
Meantime, the hacker’s second advertisement titled “General Electrics & DARPA,” provided a more detailed explanation along with a seven-piece sample of the alleged GE data.
“I previously listed the access to General Electrics, however, no serious buyers have actually responded to me or followed up,” the ad read.
“I am now selling the entire thing here separately, including access (SSH, SVN etc).
Data includes a lot of DARPA-related military information, files, SQL files, documents etc,” IntelBroker said.
One of the samples contained a table of contents for a GE Aerospace report clearly stamped with the label “Export Controlled Technical Data.”
DARPA, the US Department of Defense’s Advanced Research Projects Agency, is tasked with developing emerging technologies for the US military.
“If you want to buy this please message me on site for contact methods, XMR only,” the post said.
XMR is the abbreviation for Monero cryptocurrency – one of the only crypto exchanges where transactions are anonymous by default, making them untraceable and thereby a favorite among cybercriminals.
On November 27th, IntelBroker tacked on a “SOLD” update to both the ads, evidently successful at unloading the sensitive data.
General Electric, whose technology helps generate approximately 30% of the world’s electricity, announced in 2021 that it was splitting into three separate entities - Aviation, Healthcare, and Renewable Energy and Power.
GE Aviation main mission is to develop breakthrough technologies for commercial and military aircraft engines, according to the GE website.
The hacker, IntelBroker, has made a name for themselves by leaking the stolen data of some fairly high profile breaches over the past year.
Datasets up for grabs on BreachedForums contained information on 37 million T-Mobile customers, 11 million customers from the grocery delivery platform Weee!, 144K UScellular customers, and the private health insurance information of 170K DC Health Link customers, which included dozens of US House and Senate members.
At one point IntelBroker was banned from BreachedForums for violating its code of ethics. BreachedForums experienced its own problems after the site was shut down by the FBI in a massive raid this spring, but popped back up under its second in command and is back in full swing, with IntelBroker fully active since June.
Your email address will not be published. Required fields are markedmarked