According to Víctor Ruiz, a recognized cybersecurity specialist, in a recent publication in a clandestine forum on the dark web, a threat actor identified as bmox offered exclusive access to a Mexican state system for the sum of $30,000 dollars. This package was aimed at "serious" buyers looking for strategic access to a high-level network and required a refundable deposit of $3,000 USD to obtain more details.
The bmox offer specified that no evidence of access would be provided until after receiving the deposit, suggesting it was a closed operation intended for actors with resources and experience in this field. This situation has raised concerns among cybersecurity experts, who fear it could trigger a cyberattack against critical infrastructures in Mexico. Such threats could cause uncertainty and distrust among the population, as well as jeopardize the functioning of vital sectors such as energy, finance, defense, transportation, and communications.
Víctor Ruiz also highlighted that bmox's technical history reveals a dangerous profile, increasing the likelihood that the offer is genuine. It is believed that bmox could be collaborating with larger actors in the criminal sphere, which could have serious consequences for the country. Additionally, there is mention of the possibility of being linked to criminal organizations such as the Jalisco New Generation Cartel (CJNG) or ransomware networks, raising concerns about the security of critical Mexican infrastructures.
In light of this situation, there is a need to take preventive measures and strengthen security systems to avoid potential cyberattacks in the future. Mexican authorities are actively investigating the network of hackers linked to the CJNG, whose goal would be to infiltrate the country's financial and security systems. The fragility of the border between the digital and the criminal in Mexico makes the protection of critical infrastructures an urgent and crucial priority in the field of cybersecurity.
