Hackers Selling Access to Multi-Billion Auction House
The hacker business is like any other business. There are specialists.
In the hacking business, one of the specialties is initial access.
Initial access brokers break in to businesses and “collect” credentials. They don’t use those credentials. That is a different specialty.
Researchers say that they studied Russian language hacker forums for a few months to understand the Initial Access Broker (IAB) business. This study is a very small slice of the dark web, but it gives us some interesting insight.
From May through July the researchers found ads for access to more than 100 companies across 18 industries including defense, telecom, healthcare and finance.
Attacks against US, Australia and UK companies topped the list.
Here is a scary detail. Prices for access start as low as $150. About one-third of the listings were for less than $1,000.
The most expensive access was for access to a multi-billion dollar auction house. That was going for $120,000. The hackers didn’t give a lot of details but they did say they had access to the backend of the auction process.
Access types vary from cloud administrator to domain users.
Some ads offered access to the company’s backup and recovery system. Combine that with a ransomware attack and you have a disaster with a capital D.
Here is the question for you. If IABs have compromised your network but have not yet sold the data on the dark web, would you know? How would you know?
And, if the price for access is as low as $150, that means that almost any crook can afford to purchase credentials. Even at up to $1000 puts it within reach of many criminals.
Would you know if hackers have already stolen access to your network? Or if hackers steal your credentials next week.
If you need help protecting your network, please contact us.
Credit: Bleeping Computer