Relatively rare but equally serious data breaches have recently occurred in Russia, with confidential information and access to hundreds of email accounts from executives from various companies. worldwide sold by Russian hackers on dark web forums .

In particular, this invaluable data warehouse is being posted for sale on a hidden underground forum dedicated to Russian-speaking hackers named Exploit.in (according to ZDNet's discoveries). This database includes email and password account information for hundreds of Office 365/ Akun Microsoft from individuals holding senior business positions from around the world.

The data package hacked by hackers sells for only $ 100 to $ 1500, depending on each individual's position and company size includes:

  • CEO - Chief Executive
  • COO - Chief Operating Officer
  • CFO - CFO
  • CMO - Marketing Director
  • CTOs - Director of Technology
  • Chairman
  • vice President
  • Executive Assistant
  • Finance Manager
  • Chief accountant ...

According to preliminary disclosures from a security expert trying to spend money on two data plans, the information the hackers are offering for sale is completely real. This expert obtains personal data and access to theAkun email CEO of a US-based midsize software company, and the CFO of a network. Retail goods based in the European Union.

On the seller's side, this hacker refuses to share how he got the data warehouse above, and says he has many similar data warehouses and is ready to sell them again in the near future.

Hackers from the "Russian planet" sold the e-mail accounts of hundreds of senior directors for a fraction of the price.

This type of data could be used by scammers as raw material for whale phishing (or whaling attacks ) - a form of phishing / cyberattack that directly targets people in high positions. In an organization, it is mainly focused on the CEO and CEO of every department in a company. The main purpose of whaling attacks is to steal confidential company data, such as trade secrets, patents, customer information, or employee databases.

In addition, the emails of individuals with high positions in organizations and businesses are also used to spread business email compromise (BEC) attacks, in which the fraudster tries to defraud one or more employees of the organization or business with the ultimate goal of getting those employees to transfer business money to top bank accounts. their names, along with a host of other consequences.