Jordanian pleads guilty to selling access to 50 corporate networks
Recorded: Jan. 19, 2026, 5:03 p.m.
| Original | Summarized |
Jordanian pleads guilty to selling access to 50 corporate networks News Featured StealC hackers hacked as researchers hijack malware control panels Hackers now exploiting critical Fortinet FortiSIEM flaw in attacks Malicious GhostPoster browser extensions found with 840,000 installs Cisco finally fixes AsyncOS zero-day exploited since November Hacker admits to leaking stolen Supreme Court data on Instagram Jordanian pleads guilty to selling access to 50 corporate networks Ingram Micro says ransomware attack affected 42,000 people Become fluent in up to 14 languages with this Babbel lifetime offer Tutorials Latest How to access the Dark Web using the Tor Browser How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11 How to use the Windows Registry Editor How to backup and restore the Windows Registry How to start Windows in Safe Mode How to remove a Trojan, Virus, Worm, or other Malware How to show hidden files in Windows 7 How to see hidden files in Windows Webinars Latest Qualys BrowserCheck STOPDecrypter AuroraDecrypter FilesLockerDecrypter AdwCleaner ComboFix RKill Junkware Removal Tool Deals Categories eLearning IT Certification Courses Gear + Gadgets Security VPNs Popular Best VPNs How to change IP address Access the dark web safely Best VPN for YouTube Forums Virus Removal Guides HomeNewsSecurityJordanian pleads guilty to selling access to 50 corporate networks Jordanian pleads guilty to selling access to 50 corporate networks By Sergiu Gatlan January 19, 2026 A Jordanian man has pleaded guilty to operating as an "access broker" who sold access to the computer networks of at least 50 companies. The charges carry a maximum penalty of 10 years in prison and a fine of up to $250,000, or twice the gross gains or losses resulting from the offense, whichever is greater. The 2026 CISO Budget Benchmark Related Articles: Cybercrime Sergiu Gatlan Previous Article Post a Comment Community Rules You need to login in order to post a comment Not a member yet? Register Now You may also like: Popular Stories Microsoft: Some Windows PCs fail to shut down after January update Microsoft: Windows 11 update causes Outlook freezes for POP users StealC hackers hacked as researchers hijack malware control panels Sponsor Posts Discover how to scale IT infrastructure reliably without adding toil or burnout. New webinar: Choose-your-own-investigation walkthrough of modern browser attacks Upcoming Webinar Follow us: Main Sections News Community Forums Useful Resources Welcome Guide Company About BleepingComputer Terms of Use - Privacy Policy - Ethics Statement - Affiliate Disclosure Copyright @ 2003 - 2026 Bleeping Computer® LLC - All Rights Reserved Login Username Password Remember Me Sign in anonymously Sign in with Twitter Not a member yet? Register Now Help us understand the problem. What is going on with this comment? Spam Abusive or Harmful Inappropriate content Strong language Other Read our posting guidelinese to learn what content is prohibited. Submitting... |
A Jordanian man, Feras Khalil Ahmad Albashiti, also known by online aliases such as "r1z," "Feras Bashiti," and "Firas Bashiti, has pleaded guilty to operating as an "access broker" who sold unauthorized access to the computer networks of at least 50 companies. The case, reported by Sergiu Gatlan, highlights the growing role of initial access brokers in cybercrime ecosystems and underscores the legal consequences for individuals facilitating cyberattacks. Albashiti, a 40-year-old resident of Georgia (where he was arrested and later extradited to the United States), entered his guilty plea in connection with charges of fraud involving access credentials. His sentencing before U.S. District Judge Michael A. Shipp is scheduled for May 11, 2026, with potential penalties including up to 10 years in prison and a fine of $250,000 or twice the financial harm caused by his actions, whichever is higher. The case was uncovered through an investigation into an online forum where malicious actors traded malware and hacking tools, leading law enforcement to identify Albashiti as the user behind the username "r1z." The charges stem from Albashiti’s decision to sell network access to at least 50 companies in exchange for cryptocurrency during an undercover operation on May 19, 2023. This incident illustrates the modus operandi of initial access brokers, who act as intermediaries in cybercrime by providing threat actors with the credentials needed to breach corporate networks. Once inside, these attackers can deploy ransomware, steal sensitive data, or conduct espionage, as noted in court documents. The role of access brokers has become increasingly critical in the cybercriminal supply chain, enabling more sophisticated and large-scale attacks. Albashiti’s case is part of a broader trend in which law enforcement agencies are targeting these facilitators to disrupt cybercrime operations. For instance, in November 2025, a Russian national also pleaded guilty to acting as an initial access broker for Yanluowang ransomware affiliates, which targeted at least eight U.S. companies between July 2021 and November 2022. The article also contextualizes Albashiti’s activities within recent cybercrime developments, including Microsoft’s warnings about an initial access broker known as Storm-0249. This group has been exploiting endpoint detection tools and trusted Microsoft Windows utilities to load malware and establish persistence on victim systems, preparing for ransomware attacks. Such tactics demonstrate the evolving strategies of cybercriminals, who increasingly rely on sophisticated methods to evade detection. Albashiti’s actions align with these patterns, as his role as an access broker facilitated the entry points required for subsequent attacks. The case underscores the interconnected nature of cybercrime, where individual actors like Albashiti serve as critical links in a chain that can lead to widespread damage. The extradition of Albashiti from Georgia highlights the international collaboration required to address cybercrime, as digital offenses often transcend national borders. The U.S. Justice Department’s Office of International Affairs played a key role in securing his transfer, reflecting the growing emphasis on cross-border legal efforts to combat cyber threats. This case also raises questions about the challenges of prosecuting cybercriminals who operate from jurisdictions with varying levels of cooperation with U.S. authorities. Albashiti’s guilty plea, however, signals the potential effectiveness of such collaborations when law enforcement successfully identifies and apprehends individuals involved in cybercrime. The article provides additional context by mentioning related cybersecurity incidents, such as the hijacking of malware control panels by researchers and the exploitation of critical vulnerabilities in Fortinet’s FortiSIEM software. These examples illustrate the dynamic and multifaceted nature of cyber threats, where both criminal actors and security professionals engage in an ongoing battle for control over digital infrastructure. Albashiti’s case is part of this broader landscape, emphasizing the need for continuous vigilance and adaptive defense strategies. The mention of Microsoft’s warnings about Storm-0249 further underscores the importance of monitoring emerging threats and understanding how access brokers contribute to the proliferation of cyberattacks. The legal ramifications for Albashiti’s actions reflect the severity with which U.S. authorities view cybercrime, particularly when it involves large-scale compromises of corporate networks. The potential penalties he faces—ranging from imprisonment to substantial fines—serve as a deterrent to others considering similar activities. However, the case also highlights the challenges of quantifying the financial impact of cybercrimes, as the fine is tied to either a fixed amount or twice the gross gains or losses from the offense. This approach acknowledges the difficulty of assessing the full extent of damage caused by cyberattacks, which can include not only direct financial losses but also reputational harm and operational disruptions. The article’s focus on Albashiti’s role as an access broker also sheds light on the broader implications of such activities for corporate cybersecurity. By selling network access, individuals like Albashiti enable threat actors to bypass traditional security measures, making it easier for them to execute attacks. This underscores the importance of robust access control policies and continuous monitoring of network vulnerabilities. Organizations must remain vigilant against both external threats and internal breaches, as the compromise of a single access point can lead to cascading failures across an entire infrastructure. The case serves as a cautionary tale for businesses, emphasizing the need to invest in comprehensive cybersecurity frameworks and threat detection systems. In addition to its focus on Albashiti’s individual actions, the article touches on broader trends in cybercrime, including the rise of ransomware and the increasing sophistication of malware distribution methods. The mention of groups like Yanluowang and Storm-0249 illustrates how cybercriminals are leveraging advanced techniques to maximize their impact. These groups often operate in a decentralized manner, making it difficult for law enforcement to trace and dismantle their operations. Albashiti’s case highlights the role of individuals who act as facilitators within these networks, providing the initial access that allows larger-scale attacks to occur. This dynamic raises questions about the effectiveness of current legal and technological measures in addressing the root causes of cybercrime. The article’s publication on BleepingComputer, a well-known cybersecurity news platform, reflects the growing public interest in cybercrime and its consequences. By detailing Albashiti’s case, the article contributes to a broader conversation about the risks posed by cybercriminals and the measures required to mitigate them. It also serves as a reminder of the importance of media coverage in raising awareness about cybersecurity issues, particularly those that affect businesses and individuals alike. The inclusion of related stories, such as the exploitation of a Sitecore zero-day vulnerability and the disruption of a cybercrime virtual desktop service, further contextualizes Albashiti’s actions within an ever-evolving threat landscape. Ultimately, the case of Feras Khalil Ahmad Albashiti exemplifies the complex interplay between individual criminal behavior and systemic cybersecurity challenges. His guilty plea not only reflects the legal consequences of his actions but also highlights the broader implications for corporate and national security. As cybercrime continues to evolve, the need for coordinated efforts among governments, private sector entities, and cybersecurity professionals becomes increasingly critical. Albashiti’s case serves as a reminder of the persistent threat posed by cybercriminals and the importance of proactive measures to safeguard digital infrastructure. The outcome of his sentencing will likely influence future legal approaches to cybercrime, shaping the strategies used to combat similar offenses in the years to come. |