A hacker is selling passwords for the Microsoft email accounts of hundreds of top-level executives, including CEOs, CFOs and CMOs, on the Dark Web for roughly $100-$1,500 (roughly Rs 7,400-Rs 1.1 lakh) per account.
According to a report in ZDNet late on Friday, the threat actor is currently selling email and password combinations for Office 365 and Microsoft accounts of C-level executives, with the price set according to the size of the company and the role of the executive.
“The data is being sold on a closed-access underground forum for Russian-speaking hackers called exploit.in”.
The high-level employees at risk include chief executive officers, chief operating officers, chief financial officers, chief marketing officers, chief technology officers, presidents, vice presidents and company directors, among others.
A security researcher who agreed to contact the seller to obtain samples “confirmed the validity of the data and obtained valid credentials for two accounts”.
The email accounts belong to the CEO of a US medium-sized software company and the CFO of an EU-based retail store chain, according to the report.
“The seller refused to share how he obtained the login credentials but said he had hundreds more to sell”.
According to data provided by threat intelligence firm KELA, the same hacker previously expressed interest in buying “Azor logs,” a term that refers to data collected from computers infected with the AzorUlt info-stealer trojan.
Compromised corporate email accounts are goldmines for cybercriminals as “they can be monetised in many different ways,” KELA Product Manager Raveed Laeb was quoted as saying.
Most likely, the compromised emails can be abused for CEO scams, also known as Business Email Compromise (BEC) scams, which are on the rise globally, including in India.
Global cybersecurity firm Trend Micro recently said it blocked 438 million email-borne cyber threats in India in the first half of this year, the third-highest number in Asia.
Business Email Compromise (BEC) detections increased by 18 percent from the second half of 2019, in part due to scammers trying to capitalise on home workers being more exposed to social engineering.
Educational institutions are more than twice as vulnerable to a carefully crafted BEC attack as an average organisation, according to the latest report by Barracuda Networks, a leading provider of cloud-enabled security solutions.
Using this form of attack, threat actors have taken hold of schools, resulting in devastating losses.
Such spear phishing attacks hit the Indian education sector hard between June and September, affecting more than 1,000 schools, colleges, and universities, according to the report that came out earlier this month.
Spear phishing is a personalised phishing attack that targets a specific organisation or individual.