Compromised online accounts for sale
Posted on 19 July 2012.
The recently unearthed website of a service specializing in selling access to compromised email and social networking accounts of Russian and Ukrainian users offers a fascinating glimpse into just how much one such account is worth to spammers.

According to Webroot's Dancho Danchev, the service offers access to Facebook, Twitter, LiveJournal, Vkontakte and other social networking accounts, as well as to email accounts opened with Mail.ru, Rambler.ru, Yandex.ru and Qip.ru.

Wannabe spammers and social engineers can choose to buy accounts by the service, and should be ready to pay 190 rubles ($5.9) for 100 compromised Vkontakte accounts belonging mostly to Russian users, or 180 rubles ($5.6) for the same number belonging to mostly Ukrainian users.

Facebook accounts are somewhat cheaper - 500 for 200 rubles ($6.2), and the same number of compromised Twitter account can be had for 250 rubles ($7.7).

And compromised email accounts are cheaper still:


If the owners of the site and service are to be believed, most of these accounts were compromised through social engineering and brute-forcing.

"What this service offers is an easy entry into the world of cybercrime for average cyber criminals looking for fresh platforms to further disseminate their social engineering campaigns attempting to trick users into interacting with their fraudulent scheme," Danchev comments.

"Once a compromised accounts gets resold, the new owner will abuse the ‘chain of trust’ and attempt to serve malware and launch social engineering attacks such as, for instance, phishing knowing that users are more likely to trust a message or a Wall post from a trusted friend. That’s their way of achieving a positive ROI (return on investment) on their initial purchase."






Spotlight

The evolution of backup and disaster recovery

Posted on 25 July 2014.  |  Amanda Strassle, IT Senior Director of Data Center Service Delivery at Seagate Technology, talks about enterprise backup issues, illustrates how the cloud shaping an IT department's approach to backup and disaster recovery, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Jul 28th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //