IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Hacker claims to be selling C-suite executives' Microsoft credentials

Access to "hundreds" of accounts is being sold on the dark web for up to $1,500

Hackers are selling access to C-suite executives' Microsoft accounts for anywhere between $100 and $1,500, according to reports.

The credentials are being sold on the dark web by a Russian-speaking hacker on a forum called Exploit.in, ZDNet reports. On sale are email accounts with their passwords for Office 365 and Microsoft accounts, ranging from CEO, COO, and CFO to financial directors and accountants.

The report claims that a source in the cyber security community agreed to contact the hacker and managed to obtain samples that confirmed the validity of the data. Valid credentials for two accounts were obtained; a CEO of a US medium-sized software company and a CFO of an EU-based retail store chain.

The source has since attempted to notify the companies of the suspected breach, as well as two other companies for which the seller published account passwords to prove they have valid data for sale. These were details for someone at a UK business management consulting firm and the president of a US apparel and accessories maker.

The hacker claimed to have hundreds of account details for sale but did not say how they managed to obtain the data in the first place.

Related Resource

Leadership compass: Privileged Access Management

Securing privileged accounts in a high-risk environment

Priviledged Access Managenment whitepaperDownload now

According to information provided by cybersecurity firm KELA, the same hacker expressed an interest in buying "Azor logs”. These logs are data collected from computers infected with AzorUlt malware.

This Trojan is designed to steal data from systems, such as saved passwords from browsers and email, files, and message histories from Skype.

Raveed Laeb, a product manager at KELA, told ZDNet that cyber criminals can exploit corporate email credentials in many ways.

“Attackers can use them for internal communications as part of a ‘CEO scam’ - where criminals manipulate employees into wiring them large sums of money; they can be used in order to access sensitive information as part of an extortion scheme; or, these credentials can also be exploited in order to gain access to other internal systems that require email-based 2FA, in order to move laterally in the organization and conduct a network intrusion,” he said.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022
How do you become an ethical hacker?
ethical hacking

How do you become an ethical hacker?

29 Apr 2022
What is phishing?
phishing

What is phishing?

29 Apr 2022

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
How full-stack observability can accelerate IT innovation
Sponsored

How full-stack observability can accelerate IT innovation

3 May 2022