On Sunday, February 23, a dark web user known as EDRVendor posted an advertisement claiming to sell access to an email account belonging to the Supreme Court of Justice of the Nation (SCJN), including sensitive information and legal documents. This posting raised concerns among cybersecurity analysts about a potential breach in the Judiciary of Mexico.
However, a detailed analysis of the evidence suggests that the authenticity of this offer is still unclear and it could be an attempt to scam within the black market of cybercrime. EDRVendor is known for selling access to government emails in several countries, which suggests that it is now trying to sell this information individually to make it more attractive.
Víctor Ruiz, a certified cybersecurity instructor and founder of SILIKNA, expressed skepticism about EDRVendor's offer, highlighting that his previous posts show similar patterns of selling access to government and judicial accounts in various countries. Although EDRVendor's post has generated alarm, there is no strong evidence that he actually has access to an SCJN account.
If the access were real, the risks could include exposure of confidential legal documents, fraudulent use of the account to deceive citizens and businesses, phishing attacks impersonating the SCJN, and manipulation of judicial processes through social engineering. EDRVendor has offered access to emails from judicial and public security institutions at prices ranging from $35 to $500.
Despite the alarm triggered by EDRVendor's posting, there are doubts about the authenticity of the access to the SCJN due to inconsistent evidence, such as an image suggesting that the email belongs to the Judicial Branch of Quintana Roo and not to the SCJN, as well as the association of the compromised email with a person not officially registered as an official of the SCJN. It is possible that EDRVendor is exaggerating or manipulating information to attract buyers on the dark web.
