Hacker sells access to top level email accounts for as less as ₹7,400


By MYBRANDBOOK


Hacker sells access to top level email accounts for as less as ₹7,400

Email accounts breach saga has been going on till now. The vulnerability of data, email security is on red alert with the on-going incidents. A hacker is found selling passwords for the Microsoft email accounts of hundreds of top-notch executives including CEOs, CFOs and CMOs on the Dark Web for nearly $100-$1,500 (nearly Rs 7,400-Rs 1.1 lakh) per account.

 

According to a report in a business technology website, the threat actor is currently selling email and password combinations for Office 365 and Microsoft accounts of C-level executives and the selling price is set depending upon the company size and the role of the executive.

 

"The data is being sold on a closed-access underground forum for Russian-speaking hackers called exploit.in".

 

The high-level employees at risk include Chief Executive Officers (CEO), Chief Operating Officers (COO), Chief Financial Officers (CFO), Chief Marketing Officers (CMO), Chief Technology Officers (CTO), Presidents, Vice Presidents (VP) and Company Directors, among others.

 

The cover security researcher who agreed to contact the seller to obtain samples "confirmed the validity of the data and obtained valid credentials for two accounts".

 

According to a report, The email accounts belong to the CEO of a US medium-sized software company and the CFO of an EU-based retail store chain.

 

"The seller refused to share how he obtained the login credentials but said he had hundreds more to sell".

 

According to data provided by threat intelligence firm KELA, the same hacker previously expressed interest in buying "Azor logs," a term that refers to data collected from computers infected with the AzorUlt info-stealer trojan.

 

Compromised corporate email accounts are goldmines for cybercriminals as "they can be monetised in many different ways," KELA Product Manager Raveed Laeb was quoted as saying.

 

Most likely, the compromised emails can be abused for CEO scams, also known as Business Email Compromise (BEC) scams which are on the rise globally including in India.

 

Global cybersecurity firm Trend Micro recently said it blocked 438 million email-borne cyber threats in India in the first half of this year which represented the third-highest numbers in Asia.

 

Business Email Compromise (BEC) detections increased by 18 percent from the second half of 2019, in part due to scammers trying to capitalise on home workers being more exposed to social engineering.

 

Educational institutions are more than twice as vulnerable to a carefully-crafted BEC attack as an average organisation, according to a latest report by Barracuda Networks, a leading provider of cloud-enabled security solutions.

 

Using this form of attack, threat actors have taken hold of schools, resulting in devastating losses.

 

Such spear phishing attacks hit the Indian education sector hard between June and September, affecting more than 1,000 schools, colleges, and universities, according to the report that came out earlier this month.

 

 E-Magazine 
 VIDEOS  Placeholder image

Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org