A threat actor operating under the alias, mecrobyte, has posted on a dark web forum announcing a successful breach of the admin controller for OwlCom, a company based in Tunisia. The attacker shared the details on DarkForums, celebrating the hack and mocking the company’s security.
According to the post, mecrobyte gained:
- Full access to OwlCom’s admin panel, found at https://owlcom.tn/admin
- The ability to change critical configurations and settings
- Control over user management systems and internal resources
- The power to potentially disrupt services or steal sensitive information
They also left behind sample admin credentials and an associated email address, supposedly as proof.
Admin panel compromises are serious because they give attackers total control over a company’s backend. From there, they can modify user data, shut down services, inject malicious code, or steal confidential files.