A Russian-speaking hacker under the pseudonym Byte leaked passwords from the personal profiles of managers of many large companies in the world
Data for accessing the personal accounts of Microsoft’s online services and the email addresses of several hundred senior executives are put up for sale on a Russian-language hacker forum. This was done by a Russian-speaking hacker under the pseudonym Byte. The seller claims that he has hundreds of passwords of different top managers from all over the world. He is ready to confirm the authenticity of the data to the buyer.
Offer to sell credentials appeared on a private forum Exploit.in for Russian-speaking cybercriminals. The description states that you can purchase email addresses and passwords to access the accounts of Office 365 and other Microsoft services of presidents, their deputies, CEOs, and other high-ranking executives of companies from around the world.
Byte asks for each address from $100 to $1500, the price directly depends on the size of the company and the position held by the account owner.
An information security specialist entered into negotiations with the seller to confirm how relevant the database offered for sale is. For verification, he received the credentials of two accounts: the CEO of an American software development company and the CFO of a chain of retail stores in one of the EU countries. As a result of verification, he got access to the data of these people.
The attacker did not disclose the source of the data but claims that it can provide access to hundreds of accounts.
Analysts at KELA reported that the person selling these credentials previously tried to purchase information collected from computers infected with the Azorult malware. It usually contains usernames and passwords that the program extracts from victims’ browsers.
This incident once again highlights the need for better data protection. Two-factor authentication or 2FA is often recommended.