430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

15 billion credentials available in the cybercrime marketplaces

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. A report published by security firm Digital Shadows revealed the availability of more than 15 billion credentials shared on cybercrime marketplaces, paste sites, file sharing services, and code sharing websites. Over the past few […]

account access credentials cybercrime marketplaces

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts.

A report published by security firm Digital Shadows revealed the availability of more than 15 billion credentials shared on cybercrime marketplaces, paste sites, file sharing services, and code sharing websites.

Over the past few years, Digital Shadows added to its breach repository more than 15 billion credentials shared on criminal forums, paste sites, file sharing services, and code sharing websites.

According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.” The credentials are sold for an average of $15.43, the most expensive pairs relate to banking and financial services accounts, with an average price of nearly $71.

“Account accesses for antivirus programs garner the second-highest prices: around $21.67. Accounts for media streaming, social media, file sharing, virtual private networks (VPNs), and adult-content sites all trade for significantly under $10.” reads the report published by the experts.

Crooks could use the credentials to launch credential stuffing attacks leveraging the data available in the black marketplaces. Experts reported that brute-force cracking tools and account checkers are available on
cybercrime marketplaces and forums for an average of $4.

According to the report, Sentry MBA is the most popular credential stuffing tool, but OpenBullet tool has accounted for 35 percent of references across cyber criminal forums so far in 2020.

Using the recently launched model of ATO “as-a-service”, a criminal can rent an identity for less than $10.

The cost for antivirus accounts is just over $20, while other types of accounts (cable, social media, VPN, streaming, adult, music, file sharing, and video game accounts) typically go for less than $10.

Threat actors are also offering access to critical systems belonging to various organizations, including domain admin access that has been offered with an average price of just over $3,100. The price depends on the targeted industry, with the local government and financial sectors are the most requested ones.

“Access to organizations’ key systems is being sold at a significant premium. Dozens of advertisements offer domain administrator access through auctions, selling it to the highest bidder for up to $120,000 (with an average of $3,139).” continues the report.

Most popular markets are UnderWorld Market (formerly RichLogs) and
Tenebris, but the biggest one continue to be Genesis Market.

Genesis Market users can rent account access as an alternative to purchasing credentials, an identity for a certain period costs less than $10. The service also provides the victim’s “fingerprint data” (such as cookies, IP addresses, time zones) from victims to make it easier to hijack accounts and perform transactions without being detected.

Let me suggest to read the complete report from Digital Shadows, it includes a lot of interesting data.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, cybercrime marketplaces)

[adrotate banner=”5″]

[adrotate banner=”13″]