Hacker is selling passwords of the email accounts of hundreds of C-level executives

Access is offered for $100 to $1500 per account, based on the business size and exec role.

A threat actor is currently selling passwords for the email accounts of hundreds of C-level executives at companies across the world.

The threat actor is advertising email and password combinations for accounts such as Office 365 and Microsoft accounts, which he claims belong to high tech executives occupying functions such as:

The vendor posted an advertisement on Exploit.in for the mass-scale sale of those accounts.

A source in the cyber-security community who agreed to contact the vendor to obtain samples has confirmed the validity of the data and obtained valid credentials for two accounts: the CEO of a US medium-sized software provider and the CFO of an EU-based retail store chain.

The seller posted two businesses' data publicly as public proof that they had valid data to sell.

These were login details for an executive at a UK business management consulting firm and for the president of a US apparel and accessories manufacturer.

In fact, the seller also posted sample logins as public proof.

The seller declined to say how he obtained the login credentials but said he has thousands more to sell.

According to information supplied by threat intelligence company KELA, the same threat actor had expressed interest in purchasing "Azor logs," a term that refers to data gathered from computers infected with the AZORult info-stealer trojan.

Infostealer logs nearly always contain usernames and passwords that the trojan extracts from browsers found installed on infected hosts.

This information is collected by the infostealer operators, who filter and organize it, then put it up for sale on dedicated markets such as Genesis, on hacking forums, or sell it to other cybercrime gangs.

“Attackers can use them for internal communications as part of a ‘CEO scam’ – in which offenders manipulate workers into wiring large quantities of cash; they may be utilized to be able to get sensitive data as part of an extortion scheme; yet, these credentials may also be manipulated as a way to get access to additional internal systems which need email-based 2FA, to transfer laterally in the business and run a community intrusion,” Laeb added.

Most likely, however, the compromised email accounts will be bought and abused for CEO scams, also called BEC scams.

According to an FBI report this year, BEC scams were, undoubtedly, the most popular kind of cybercrime in 2019, having accounted for half of the cybercrime losses reported that year.

The simplest way to prevent hackers from monetizing any sort of stolen credentials is to use a two-step verification (2SV) or two-factor authentication (2FA) solution for your accounts.

Even if hackers manage to steal login details, those details will be useless without the proper 2SV/2FA additional verifier.
