According to Webroot’s Dancho Danchev, a service targeting Russian and Ukrainian users, is offering access to compromised social networking and email accounts.
“Recently, I came across a new Russian service offering access to compromised accounts across multiple social networks such as Vkontakte, Twitter, Facebook, LiveJournal, and last but not least, compromised email accounts. What’s particularly interesting about this service is the fact that it’s exclusively targeting Russian and Ukrainian users,” Danchev wrote.
As an example, criminals are selling Vkontakte.ru accounts at a rate of $2.75 for 50; where 95% of them are active Russian users. For $6.00, one can purchase access to 500 Russian Facebook accounts, or spend $7.00 and get access to 500 Russian Twitter accounts.
“How is the service getting access to these compromised credentials in the first place? Next to social engineering attacks and brute-forcing, on a daily basis cybercriminals persistently data mine botnets for stolen email, social network, VPN, FTP and SSH accounting data in an attempt to further abuse it by launching additional attacks on the top of it,” Danchev added.
In the end, the blog post explains, a service such as the one discovered, amounts to a gateway for new criminals looking to use social engineering attacks. If successful, the hopefuls will exploit the trust relationships formed online, adding to their list of victims.
More from Steve Ragan
- Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data
- Workers Don’t Trust Employers with Personal Data: Survey
- Root SSH Key Compromised in Emergency Alerting Systems
- Morningstar Data Breach Impacted 184,000 Clients
- Microsoft to Patch Seven Flaws in July’s Patch Tuesday
- OpenX Addresses New Security Flaws with Latest Update
- Ubisoft Breached: Users Urged to Change Passwords
- Anonymous Targets Anti-Anonymity B2B Firm Relead.com
Latest News
- US Downs Chinese Balloon Off Carolina Coast
- Microsoft: Iran Unit Behind Charlie Hebdo Hack-and-Leak Op
- Feds Say Cyberattack Caused Suicide Helpline’s Outage
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
