-
A hacker claims to be selling 8 million Armenian government records on an underground forum for $2,500.
-
The alleged breach involves a government notification system used for official communications from police and courts.
-
Armenian authorities have launched an investigation, suggesting the data came from their electronic civil litigation platform.
A cybercriminal just put Armenia’s government data up for grabs. The asking price? $2,500 for what they allege is access to voluminous official records. Unrest springs forth as Armenian officials scramble to figure out exactly what was collected and the scale of the incident.
The seller identifies as dk0m on sneaky hacking hubs. They’re advertising a massive dataset supposedly pulled from a government notification system. This system handles the distribution of official communications across Armenia, including sensitive notices from law enforcement and judicial institutions.
What’s Actually Being Sold
The advertised package contains roughly 8 million records tied to official government notifications. We’re talking about communications from police departments and judicial bodies. The kind of data that could make a scammer’s job incredibly easy.
Armenian authorities responded instantly. Over the weekend, a strategic communications body of the government, the Public Relations and Information Center of Armenia, disclosed a statement. They nullified every claim that the key government email technology of the nation is in jeopardy. However, they acknowledged that attackers may have gotten into data from a different state platform.
According to PRIC, early findings point to the electronic civil litigation platform as the likely source. The government body stated that an internal investigation is currently underway to verify where exactly the data originated and determine how unauthorized access occurred.
The Broker Behind the Breach
This strike from dk0m isn’t the first. A non-governmental entity focused on digital security, CyberHUB-AM, monitored this bad actor for years. According to their records, dk0m actively monetizes government-related credentials since at least 2024.
The hacker’s method is fairly standard but effective. They typically use infostealer malware to do the dirty work. The malware’s core function is to grab any saved passwords and active session cookies it can find on an infected machine. Once they identify access to sensitive government portals, they harvest the data and put it up for sale.
According to CyberHUB-AM, dk0m has built a solid reputation in the criminal underworld. The actor has previously offered data connected to government ministries in Argentina, Ukraine, and Brazil. To build trust with potential buyers, they often share sample data or database structures as proof of authenticity.
Here’s where it gets interesting. Screenshots from August 2024 suggest dk0m may have already possessed Armenian government-related data months ago. Researchers believe the current sale might be an attempt to finally monetize material that was obtained much earlier.
The threat isn’t limited to sophisticated, established actors like dk0m. Recently, Spanish authorities arrested a teenage hacker for allegedly attempting to sell the data of 64 million citizens on the dark web, which proves that even less experienced individuals can now access and weaponize massive datasets (broadening the threat landscape significantly).
Why Endanger Citizens
If this data is real, Armenian citizens are in serious trouble. CyberHUB-AM researchers have sounded the alarm on the potential fallout.
Data that appears official and is linked to courts, law enforcement services, or police structures dramatically reduces the difficulty of pulling off social engineering attacks, the group explained. Citizens become prime targets for extremely convincing scam messages that reference actual case numbers, fines, or enforcement actions.
This isn’t the first time government data has been weaponized recently. A similar threat emerged at the end of 2025, when a fake government portal leaked passports and personal documents of 1,100 Bangladeshis directly to the dark web. These incidents underscore a clear pattern: whether through direct hacking or deceptive phishing traps, official data is a prime target, and its leak creates immediate, high-stakes risk for citizens.
This authenticity factor is what makes it dangerous. When someone receives a message that includes real details from government systems, they’re far more likely to panic and comply. The psychological pressure of thinking you’re dealing with actual law enforcement can override normal caution.
Scammers could craft realistic phishing campaigns, threaten individuals using arrest warrants, massive fines, or even court appearances. They back up these actions with data stolen from government materials.
The investigation continues; however, what this breach painted is clear. Valuable resources collected from the government are trending on the dark web. Apart from trading, there’s a lot buyers can do with the given information.
Armenian authorities haven’t disclosed a timeline for their investigation. But with 8 million records potentially exposed, the pressure is on to secure systems and warn citizens about possible scam attempts.
