Hacker selling hundreds of CEO, CFO email passwords on dark web
A hacker is selling password for the Microsoft email accounts of hundreds of top-level executives of hundreds of companies on the Dark Web for nearly $100-$1,500 (nearly Rs 7,400-Rs 1.1 lakh) per account, a ZDNet report said on Friday.
As per the report, “the data is being sold on a closed-access underground forum for Russian-speaking hackers named Exploit.in.”
The report suggested that the hacker is selling email and password combinations for Office 365 and Microsoft accounts of C-level executives and the selling price is set depending upon the company size and the role of the executive.
Top executives like chief executive officers, chief operating officers, chief financial officers, chief marketing officers, chief technology officers, presidents, vice presidents and company directors are at risk of losing potential company-related and other information.
As per the report, “a source in the cyber-security community who agreed to contact the seller to obtain samples has confirmed the validity of the data and obtained valid credentials for two accounts, the CEO of a US medium-sized software company and the CFO of an EU-based retail store chain.”
“The seller refused to share how he obtained the login credentials but said he had hundreds more to sell,” it added.
According to data provided by threat intelligence firm KELA, the same hacker previously expressed interest in buying “Azor logs,” a term that refers to data collected from computers infected with the AzorUlt info-stealer trojan.
Compromised corporate email accounts are goldmines for cybercriminals as “they can be monetised in many different ways,” KELA Product Manager Raveed Laeb was quoted as saying.
Most likely, the compromised emails can be abused for CEO scams, also known as Business Email Compromise (BEC) scams which are on the rise globally including in India.
Global cybersecurity firm Trend Micro recently said it blocked 438 million email-borne cyber threats in India in the first half of this year which represented the third-highest numbers in Asia. Business Email Compromise (BEC) detections increased by 18 percent from the second half of 2019, in part due to scammers trying to capitalise on home workers being more exposed to social engineering.
Educational institutions are more than twice as vulnerable to a carefully-crafted BEC attack than an average organisation, according to a latest report by Barracuda Networks, a leading provider of cloud-enabled security solutions.
Using this form of attack, threat actors have taken hold of schools, resulting in devastating losses. Such spear phishing attacks hit the Indian education sector hard between June and September, affecting more than 1,000 schools, colleges, and universities, according to the report that came out earlier this month.
From：On DarkNet – Dark Web News and Analysis
Copyright of the article belongs to the author, please do not reproduce without permission.