There's been a big jump in crooks selling access to hacked networks. Ransomware gangs are their best customers

There’s been a surge in cyber criminals selling access to compromised corporate networks as hackers look to cash in on the demand for vulnerable networks from gangs looking to initiate ransomware attacks

Researchers at cybersecurity company Group-IB analysed activity on underground forums and said there’s been a sharp increase in the number of offers to sell access to compromised corporate networks, with the number of posts offering access tripling between 2020 and 2021. 

Crooks are claiming to offer access to compromised Virtual Private Network (VPN) and Remote Desktop Protocol (RDP) login credentials, as well as web shells, reverse shells, Cobalt Strike penetration testing tools and more. 

With this access, cyber criminals can access a company’s networks and attempt to gain access to usernames and passwords or administrator rights which allow them to gain further control over the network.  

On the underground forums being analysed, the number of offers to sell access to corporate networks went up from 362 to 1,099, a rise of three times in just a year and the report warns that increase is “one of the clearest trends on underground forums”. 

Some of the most common industries to which access is being offered to include manufacturing, education, financial services and healthcare.  

The cost of access varies greatly

Read More: