Hundreds Of Email Accounts Of C-Level Executives Are Up For Sale, And It’s Scary!

Must Read

Hands-Free Resources: How Businesses Are Using AR to Make Workplaces Safe and Productive

The role of efficiency and ease in the modern world has become forefronted when it comes to technology, particularly...

Top Countries by App Downloads Q2 2021: India Dominates With 7 Billion+ Downloads [REPORT]

As the adoption of smartphones and the Internet has increased over the last decade, so has the number of...

TikTok Is Now The World’s Most Popular Non-Facebook App With Record 3 Billion Downloads!

When you think of the world's most popular apps, the first name comes into your mind: Facebook. If not,...

The email accounts of numerous C-level executives around the world have been compromised and a threat actor is now selling their credentials online!

According to recently surfaced news, the data is currently being sold in a restricted underground forum for Russian hacked called ‘Exploit.in’. The username and password combinations for the executives are for Office 365 and Microsoft accounts which according to the hacker belong to executives at roles such as CEO, COO, CFO, CTO, President, Vice President and so on. 

Source: KELA

The access to email account of each executive is sold for $100 to $1500, depending on the company size and employee’s role.

Advertisements

But, are these accounts legit?

Yes, they are! A source from the cyber-security community contacted the seller to obtain samples and verified the legitimacy of the threat actor’s claims. The source collected credentials for two accounts, one belonging to the CEO of a U.S medium-sized business and another which belonged to the CFO of an EU-based multi-chain retail outlet. Both of them turned out to be valid.

Source: KELA

The source who requested not to be named also mentioned that the seller refused to answer when asked how did he obtain the login credentials but in turn said that he had many more to sell in the near future as well. 

KELA which is a threat intelligence firm, taking note of this incident reported that the same threat actor had previously shown his interest in buying “Azor logs” which refers to data collected from devices infected with the trojan called “AzonUlt infostealer”.

An infostealer trojan is a notorious malware which logs usernames and passwords from browsers that are infected with it. Later on, the operator who had deployed the infostealer filters, organizes the data and puts it up for sale in various hacking forums.

According to Raveed Laed who is KELA’s Product Manager, this particular hack of corporate email credentials is highly valuable for cybercriminals as there exist number ways in which they can monetize them.

Advertisements

For instance, a cyber attacker armed with this data can use the internal communication of a company and pull of a ‘CEO scam’ wherein they ask employees to wire them large sums of money. This data can also be used by cybercriminal to access other even more sensitive information which can later become a part of an extortion scheme. Or, alternatively, the compromised credentials can also be used to bypass email-based 2FA after which a hacker can conduct a network intrusion.

The recent incident of Twitter hacking is a great example of how hackers can misuse the accounts of who’s who of the industry. Accounts of Elon Musk, Jeff Bezos were used to putting out a tweet asking users to send money to a particular account.

But, nonetheless, it is being predicted that the email login details will mostly be used only in ‘CEO scams’, also known as BEC scams. Why so? Because a report by the FBI indicated that BEC scams were far the most popular form cyber attack in 2019 which accounted for half of all monetary losses in cybercrime. 

So, what exactly can you do to prevent falling prey to attackers who steal your login details in the first place? The easiest way is to set up two-step verification (2SV) or two-factor authentication aka 2FA solution.

By doing this, even if hackers somehow manage to steal your login details, it will be pretty much useless as it would need an additional 2SA or 2FA verifier. We will keep you updated on all future developments. Until then, stay tuned.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

A Big Blow To Amazon and Flipkart: CCI Investigation To Continue

Flipkart and Amazon continue to find themselves in hot water as their plea against the investigation that is being...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded and unparalleled...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter, with a...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one of the...

More Articles Like This