How much is the CEO’s password worth?

ZDNet is reporting that a threat actor is now selling passwords for hundreds of C-level executives at companies all over the world. The email and password combinations are for Office 365 and Microsoft accounts, claimed at multiple levels across the C-Suite. This is not this actor’s first incident; they were previously interested in purchasing data from computers infected by the AzorUlt info-stealer trojan.

The price for account access – between $100 and $1500, depending on the customer size and user’s role.

Why do we care?

The price data is why I pulled this story. This is, first off, useful to discuss with customers, so there’s that reason.

Let’s also think about the value of this data from a social engineering perspective: access to the login information makes for a perfect phishing attack. Access to the account of an executive assistant on a team, or of the finance director, makes it easy to transfer financial data or simply authorize payment on fraudulent invoices. The article even highlights that CEO scams are the likely intended use.

Spend $1500 to make $10K? 20K? Makes sense to me. And it sums up the risk for your customers.

