A threat actor using the alias dcadcwacd has listed what they claim is SSH root access to a government subdomain under .gov.et, Ethiopia’s official government domain. The listing, posted on a dark web forum, advertises this access for $150 in Monero (XMR), with the actor open to negotiation.
According to the post, this is specifically subdomain access, not a full top-level government domain compromise. However, root-level access, if genuine, still poses a significant threat, potentially opening the door to web defacements, data breaches, or pivoting deeper into government networks.