Identity, Malware, Threat Intelligence

Initial access broker economy examined

BleepingComputer reports that over 100 firms across 18 sectors had their network access peddled by initial access brokers on the Russian hacking forum Exploit between May 1 and July 27, with companies in the U.S., Australia, and the UK dominating. While organizations in Russia and countries part of the Commonwealth of Independent States continue to be avoided by IABs, few attacks have been observed in China over the same period, according to the Flare report. Moreover, finance and retail organizations were most targeted by IABs, followed by entities in the construction and manufacturing industries. Sixty percent of the examined listings were attributed to access through RDP or VPN and even though most access has been given low to medium values, researchers found that access to a major auction house reached up to $120,000. Despite the prevalence of corporate network access theft through information-stealing malware, other approaches have been cited by some threat actors, said researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.