FBI says US university VPN credentials are being traded on Russian sites | US News | NewsRme
Published July 2, 2023, 6:20 a.m. by Violet Harris
A hacker might use stolen credentials to launch a ransomware or spear-phishing attack, or even perform cryptojacking. If you're dealing with tens of thousands of stolen passwords, even assaults like credential stuffing, which have a success rate of less than one percent, become a significant issue.
According to a recent FBI study, fraudsters are obtaining login credentials for college and university networks in the United States. These are subsequently sold to other criminal organizations or used in credential stuffing assaults, in which attackers exploit victims who repeat the same credentials across several websites, most notably financial services.
As recently as 2017, the agency discovered that thieves were using phishing emails to clone legitimate university login pages in order to capture credentials. Automated emails were sent to them from their servers using the credentials they had obtained. Ransomware and spear-phishing both have the potential to provide credential harvesting as a side effect.
As recently as last year, Russian cybercrime forums were selling US university network passwords and virtual private network connections. The costs quoted ranged from a few hundred dollars to several thousand dollars.
.edu email addresses and passwords were found on a publicly accessible instant messaging network last year, totaling over 36,000.
Stay Connected with us:
====================
Website: https://newsrme.com
YouTube: https://www.youtube.com/newsRmeUK/
Facebook: https://www.facebook.com/newsrme/
Twitter: https://twitter.com/newsrme
Instagram : https://www.instagram.com/newsrme/
You may also like to read about:
fbi says u.s university vpn credentials
are being traded on russian sites
a hacker might use stolen credentials to
launch a ransomware or spear phishing
attack or even perform cryptojacking
if you're dealing with tens of thousands
of stolen passwords even assaults like
credential stuffing which have a success
rate of less than one percent become a
significant issue
according to a recent fbi study
fraudsters are obtaining login
credentials for college and university
networks in the united states
these are subsequently sold to other
criminal organizations or used in
credential stuffing assaults in which
attackers exploit victims who repeat the
same credentials across several websites
most notably financial services
as recently as 2017 the agency
discovered that thieves were using
phishing emails to clone legitimate
university login pages in order to
capture credentials
automated emails were sent to them from
their servers using the credentials they
had obtained
ransomware and phishing both have the
potential to provide credential
harvesting as a side effect
as recently as last year russian cyber
crime forums were selling u.s university
network passwords and virtual private
network connections
the costs quoted ranged from a few
hundred dollars to several thousand
dollars
dot edu email addresses and passwords
were found on a publicly accessible
instant messaging network last year
totaling over 36 000
the agency identified 2 000 credential
pairs on the dark web a year ago with
the vendor requesting bitcoin
contributions
additionally certain preventative
measures that universities and colleges
might take are outlined in this text
[Music]
![Should Sports and Politics Mix? [ESPN Reporter Says No, But Is He Right?] image](https://i.ytimg.com/vi/O-Dautsjyjk/default.jpg)
