Advertisement: @fraud_world & kumser@jabb.im

Cybercriminals aim to make it easier to hack the victim's network by expediting the cyber attack process.

Daddy

New member
Ransomware operators have begun actively reaching out to underground vendors of corporate network access to avoid the hassle of cyberattacks. The Accenture Cyber Threat Intelligence team has published research findings on emerging cybersecurity trends, highlighting the nature of the relationship between ransomware operators and exploit vendors.

During attacks, ransomware operators must first find a network entry point. Hacked employee accounts, misconfiguration on public systems, and vulnerable endpoints can be exploited to deploy malicious code, resulting in encryption of files, drives and demanding payment in exchange for the decryption key.

According to experts, the acquisition of network access points and already proven methods of penetrating the target system are becoming more popular, including the purchase of stolen credentials and exploits. Network access sellers usually first discover the vulnerability and then sell the information they need to hackers on underground forums for prices ranging from $ 300 to $ 10,000.

“A successful ransomware attack depends on developing and maintaining stable network access, which carries a higher risk of detection and takes time and effort. Access vendors are filling this market niche for ransomware groups, ”the experts explained.
Experts from Accenture have identified over 25 sellers of continuous network access. Many of the vendors are active on the same underground forums popular with gangs like Maze, NetWalker, Sodinokibi, Lockbit, Avaddon, etc.
 
Top Bottom