A cybercriminal is at the moment selling access to the email accounts of a large number of C-level executives at organizations globally.

The data is being sold on a closed-access covert forum for Russian-speaking threat actors called Exploit.in. The following are high-level executives occupying functions such as:

  • CEO – chief executive officer
  • COO – chief operating officer
  • CFO – chief financial officer or chief financial controller
  • CMO – chief marketing officer
  • CTOs – chief technology officer
  • President
  • Vice president
  • Executive Assistant
  • Finance Manager
  • Accountant
  • Director
  • Finance Director
  • Financial Controller
  • Accounts Payables

The prices of the passcodes range from $100 to $1,500, depending on the company size and user’s role.

A source in the cybersecurity fraternity who agreed to contact the seller to secure samples has established the legitimacy of the data and attained valid credentials for two accounts: the CEO of a US medium-sized software company and the CFO of an EU-based retail store chain.

The source, on the condition of anonymity, is in the process of notifying the two companies, but also two other companies for which the seller published account passcodes as public evidence that they had valid data to sell.

These were login details for an executive at a UK business management consulting agency and for the president of a US apparel and accessories maker.

The seller did not, however, to share how he acquired the login credentials but said he had hundreds more to sell.

Leave a Reply

Your email address will not be published. Required fields are marked *