Researchers Examine Active Market for Stolen Network Access

  /     /     /  
Publicated : 23/11/2024   Category : security


Researchers Examine Active Market for Stolen Network Access


Intsights researchers finds one instance of data for sale at a price tag of 66,000 Bitcoin.



A new report examines the buying and selling of unauthorized access to compromised enterprise networks and finds an active market for illegal access, which not only lines criminal pockets but enables future crime.
The research, The Transfer of Enterprise Network Access on Criminal Forums, was conducted by IntSights, now owned by Rapid7, and found some pricey criminal offerings. For example, access to an organization supporting hundreds of retail and hospitality businesses was found offered at approximately $66,000 worth of Bitcoin. The victim, according to the report, was a third-party operator of customer loyalty and rewards programs. 
In their post, the seller highlighted various ways in which a buyer could monetize the access: they could review and manipulate source code, for example, or access the accounts and points of loyalty program members. They could also conduct spam and phishing attacks, including ransomware campaigns against loyalty program members via legitimate communication channels.
Despite the high price tag for access to this loyalty and rewards program, researchers found pricing for access to compromised networks varies considerably from one sale to another. Many factors influence price, such as the extent and privilege level of the access, sales strategies of the sellers, and the victims size, industry, location, and value to criminals. 
The average offering price on the criminal market was $3000. The single lowest price of $240 USD was for access to a healthcare organization in Colombia.
Criminals typically prefer victims in wealthier countries with advanced economies, as they are generally more lucrative, the report states.
Overall, the cost of access in healthcare trends lower than other industries, with an average price of $4,860 USD and median price of $700, according to the research.
Healthcare organizations have long been popular targets for ransomware operators, well before these sales of access matured, say researchers in the report. The lower cost of buying access to healthcare organizations has probably made them an even more desirable target for those ransomware operators that depend on these sellers.
The full report can be found
here
.

Last News

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Researchers Examine Active Market for Stolen Network Access