What you need to know
- A hacker is reportedly selling access to the Office 365 and Microsoft accounts of several executives.
- The hacker claims to have access to the accounts of high-level executives
- Access to the accounts is being offered for between $100 to $1,500, depending on the account someone wants access to.
A hacker is reportedly selling access to the accounts of hundreds of executives of companies from around the globe. As reported by ZDNet, the threat actor is selling email and password combinations for Office 365 and Microsoft accounts of high-level executives. These executives include CEOs, CFOs, Presidents, and Vice Presidents of various companies.
According to ZDNet, access to the accounts is being sold on a closed-access underground forum named Exploit.in. The forum is for Russian-speaking hackers. The price of access ranges between $100 to $1,500, depending on the account.
The hacker claims to have access for sale of the following roles:
- CEO - chief executive officer
- COO - chief operating officer
- CFO - chief financial officer or chief financial controller
- CMO - chief marketing officer
- CTOs - chief technology officer
- Vice president
- Executive Assistant
- Finance Manager
- Finance Director
- Financial Controller
- Accounts Payables
ZDNet spoke with a source within the cyber-security community who has confirmed the validity of the data obtained for the CEO of a medium-sized software company in the US and the CFO of a retail store chain in the EU. ZDNet's source is in the process of contacting the affected companies, as well as other affected companies.
At this point in time, it's unclear how the seller gained access to these accounts, though the seller claims to have access to hundreds of accounts.