4 hours ago
![[Image: Latvijas_valsts_me%C5%BEu_logo.jpeg]](https://external-content.duckduckgo.com/iu/?u=https://upload.wikimedia.org/wikipedia/lv/4/40/Latvijas_valsts_me%C5%BEu_logo.jpeg){kind=logo}
**
1_FOOTHOLD.png
https://dumpli.li/image/895529a5a7f90887.png (https://drive.google.com/file/d/12UBx0ud...drive_link)
2_ARCGIS_EXPOSED.png
https://dumpli.li/image/b52b2abcc3310bf5.png (https://drive.google.com/file/d/1uh8LABI...drive_link)
3_SPLUNK_PIVOT.png
https://dumpli.li/image/202d3e66609691aa.png (https://drive.google.com/file/d/1p3Y7Mwx...drive_link)
4_POSGRESS_PIVOT.png
https://dumpli.li/image/812a175028964a7c.png (https://drive.google.com/file/d/1w-fGOjO...drive_link)
5_XXE_ATTACK.png
https://dumpli.li/image/73a31f789fc80dba.png (https://drive.google.com/file/d/1HAIaI-T...drive_link)
6_WANDERER.png
https://dumpli.li/image/f5258dbd6b614e2c.png (https://drive.google.com/file/d/1uWMHKoV...drive_link)
7_HANGFIRE_REDIS_PIVOT.png
https://dumpli.li/image/1e0b3a1689a8d220.png (https://drive.google.com/file/d/19PdILba...drive_link)
8_JDWP_PIVOT.png
https://dumpli.li/image/c283dd6d6be0ddbe.png (https://drive.google.com/file/d/1Jq0c7MK...drive_link)
9_WUFFWUFF!.png
https://dumpli.li/image/ddc1bc845c22710d.png (https://drive.google.com/file/d/1zHFpoLE...drive_link)
10_MANAGE_ENGINE_PWND.png
https://dumpli.li/image/29ec85ab443ed432.png (https://drive.google.com/file/d/1NiuWSU5...drive_link)
11_DOMAIN_ADMIN(S).png
https://dumpli.li/image/00ca1d280ccd0020.png (https://drive.google.com/file/d/1kOap3-t...drive_link)
12_SHAALOM_MR_VSPHERE.png
https://dumpli.li/image/66366e380f44e666.png (https://drive.google.com/file/d/1LTKG7x0...drive_link)
13_C2_CONTROL.png
https://dumpli.li/image/627cda7899524e7b.png (https://drive.google.com/file/d/1VXewk3f...drive_link)
14_VEEAM_ATTACK!.png
https://dumpli.li/image/55a0a1c992a18b8f.png (https://drive.google.com/file/d/1cA9but4...drive_link)
* Intro :
It feels good to come back !
Most of LVM subdomains and infrastructure is currently down. I completely took over the Active directory, vCenter, and atleast 10 subnets (not taking into account the regional offices), emails, documents, and source codes (LVMGEO and other projects). A successful ransomware deployment, in addition to a copy of the internal documents system(GRIFS)
I can only imagine the current mess happening at LVM, INGKA, IKEA (they own most Latvian forests ! Get some pride you invaded Latvian Niggaz !!), CERT.LV, and the ministry of Agriculture.
PS: Don't hesite to contact me to decrypt your files, or get back your 7000~ passwords. I also encrypted The password manager vault, so let's hope you exported the passwords before the attack. I know i did :)
RECON:
BACKUP 1 : https://drive.google.com/drive/folders/1...drive_link
BACKUP 3 : https://e.pcloud.link/publink/show?code=...jm7HY5S5eV
BACKUP 4 : https://ln5.sync.com/dl/176805480#ksufwt...9-yuphm2xa
BACKUP 4 : https://www.mediafire.com/folder/25c2wvfwagg7x/LVM
- Contacts:
Signal : @bytetobreach .33
Session: 05c2db4775cb46350f16814dfe3bfa856664f315585653e4c368af08ce50b0c31b
Telegram: @Bytetobreach33
Email : Bytetobreach@tuta.com / Dodkhloyka@outlook.com
X: @GgsFafagas
Website : Bytetobreach.com
PS: Prefer messages on Session / Signal.
JESSUS IS KING.