Hackers create specialised economy around hijacked email data


New Delhi, Jul 27 (IANS): Hackers have created a specialised economy around email account takeover via methods like brand impersonation, social engineering and spear-phishing, retaining the data for long period of time to make more money by reselling it to another set of cybercriminals on the Dark Web, a new report revealed on Monday.

More than one-third of the hijacked accounts analysed by researchers at Barracuda, a leading provider of cloud-enabled security and data protection solutions, had attackers dwelling in the account for more than one week.

In 31 per cent of these compromises, one set of attackers focused on compromising accounts and then sold account access to another set of cybercriminals who focused on monetising the hijacked accounts.

Nearly 20 per cent of compromised accounts appear in at least one online password data breach, which suggests that cybercriminals are exploiting credential reuse across employees' personal and organization accounts, according to the report.

"Cybercriminals are getting stealthier and finding new ways to remain undetected in compromised accounts for long periods of time so they can maximise the ways they can exploit the account, whether that means selling the credentials or using the access themselves," said Don MacLennan, SVP Engineering, Email Protection at Barracuda.

Barracuda researchers teamed up with leading researchers at University of California-Berkeley to study the end-to-end lifecycle of a compromised account.

After examining 159 compromised accounts that span 111 organisations, they identified the ways account takeover happens, how long attackers have access to the compromised account, and how attackers use and extract information from these accounts.

Nearly 78 per cent of attackers did not access any applications outside of email.

"Staying informed about the attackers' behaviour will help organisations remain vigilant and put the proper protection in place so they can defend themselves against these types of attacks and respond quickly if an account is compromised," suggested MacLennan.

 

  

Top Stories


Leave a Comment

Title: Hackers create specialised economy around hijacked email data



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.