C-level Executive Account Credentials for Sale on Russian Hacking Forum
Hundreds of accounts belonging to C-level employees at various companies worldwide are up for sale on an underground forum for Russian hackers. A hacker is selling email and password credentials for Microsoft and Office 365 accounts that supposedly belong to high-ranking executives, including CEOs, COOs, Presidents, and Vice Presidents.
Other job titles on sale on the closed underground hacking group “Exploit.in” are CFO, CMO, CTO, Finance Manager, Finance Director, Director, Account, Executive Assistant, Financial Controller, and Accounts Payables. The price varies between $100 and $1,500, depending on the company size and the employee’s position.
And to prove his data was the real deal, the threat actor published account details of a president of an American apparel and accessories maker and an executive of a UK consulting agency. Furthermore, a source in the cybersecurity field confirmed the validity of the emails and passwords to ZDNet after they contacted the hacker and bought two accounts.
The credentials belonged to the CEO of a US software company and a European store chain’s CFO. The seller did not disclose how he acquired the stolen data but stated that he had hundreds more.
Credentials Profitable for Hackers
According to intelligence firm KELA, the same cybercriminal was previously interested in buying “Azor logs”, computer data stolen using the AZORult trojan. Cyberattackers use such malware to obtain emails, usernames, passwords, and other related information, organize it, and then sell it to other hackers.
Raveed Laeb, Product Manager at KELA, said that credentials are very valuable to threat actors because they can use them in different ways to make a profit. In addition to selling the data, the attackers can impersonate company officials and trick employees into wiring them money. They can also use the credentials to access sensitive data and extort the company for its release, or to gain broader entry to the network and infect its systems.
Therefore, enabling two-factor authentication (2FA) is crucial as it can prevent hackers from taking advantage of the credentials.
Virtual private networks, or VPNs for short, are also handy tools to ensure online security and privacy. By encrypting Internet traffic and masking IP addresses, users gain total anonymity and unlimited access to geo-restricted online content.