Selling corporate executive email accounts worldwide on the Russian darknet?

The Russian dark site Exploit.in reported that the email accounts of hundreds of business executives around the world are being sold.

Hackers sell email and password lists for Microsoft accounts and Office 365 accounts here, including CEOs, COOs, CFOs, CMOs, CTOs, as well as presidents and vice presidents, account managers, directors, and auditors around the world They range from $100 to $1,500 per case, depending on company size and position, including information.

As a result of contacting the seller to verify the authenticity of the information, they were able to obtain the account information of two accounts: the CEO of a small and medium-sized software company in the US and the CFO of a retail chain company based in the EU. In addition, it has disclosed the account information of an executive of a UK management consulting company and the president of a US apparel company, and has already notified the other party.

In addition to the list sold by hackers on the selling side, it is said that it has hundreds of information. However, it did not disclose the source and method of obtaining this information. However, KELA, a darknet monitoring research firm, points out that there is a possibility that this information was collected using a malicious code (AZORult) that extorted this information.

For these issues, it was recommended to be cautious when clicking links to webpages or opening files from unknown sources, and to take additional measures, such as two-factor authentication or two-factor authentication, on the account to enhance security.

It is not known whether all this information was collected by the same method. However, if these corporate executive accounts are used for fraud, it can cause great damage to companies and customers. Multi-factor authentication is the biggest defense, but it’s not very popular. Microsoft said earlier this year that only 11% of corporate accounts hacked in the past enabled multi-factor authentication. From the user’s point of view, it takes time and is an annoying barrier, but it is necessary for security. Related information can be found here .