New Report Reveals How Long Hackers Keep Using Compromised Accounts

New Report Reveals How Long Hackers Keep Using Compromised Accounts

Posted on By rehan.rafique No Comments on New Report Reveals How Long Hackers Keep Using Compromised Accounts












Security firm Barracuda Networks and UC Berkeley have jointly researched cybercriminals’ behavior once they take over accounts, specifically focusing on the end-to-end lifecycle of a breached account.

The parties investigated 159 compromised accounts across 111 organizations in a bid to find out how threat actors take over accounts, how long attackers remain in compromised accounts, and how they use and extract information from these accounts.

Dwelling in the Account for Weeks or Even Months

According to a report published on July 23, some bad actors remain in compromised accounts for weeks or even months, with 33% of attackers dwelling in the account for over a week.

The report’s findings indicate the following:

  • Nearly 80% of threat actors did not access any applications outside of email,
  • 20% of breached accounts appear in at least one online password data breach,
  • 31% of compromises reflect an increasingly specialized market for account compromise.

To get access to email accounts and steal credentials, hackers opt for brand impersonation and phishing. The report further explains:

“Once the account is compromised, hackers monitor and track activity to learn how the company does business, the email signatures they use, and the way financial transactions are handled, so they can launch subsequent phishing attacks, including harvesting financial information and additional login credentials for other accounts.”

Sometimes hackers reportedly sell stolen login credentials to other threat actors, and thus a different attacker continues using the compromised account mining for information and extracting value from it.

Focus on Corporate Networks

The researchers discovered that in 98% of breached accounts, hackers accessed at least one email-related Office 365 app, including Microsoft Outlook. This reportedly enabled them to obtain access to contact lists and relate that data with any confidential and financial information of the employee and the organization.

As previously reported by forklog.media, hackers seem to have shifted their focus from individual servers to corporate networks. In the second half of 2019, the number of postings on illicit marketplaces offering access to corporate networks reportedly began surging.

Follow us on Twitter and Facebook and join our Telegram channel to know what’s up with crypto and why it’s important.

Subscribe to our Newsletter


<

cryptocurrency

More Related Articles

Dogecoin Eyes Milestone: Is A 0 Billion Market Cap Next? – BitRss Dogecoin Eyes $1 Milestone: Is A $100 Billion Market Cap Next? – BitRss cryptocurrency
Which Blockchain Is Right For You? Which Blockchain Is Right For You? cryptocurrency
Blockchain Gaming Funding Nosedives in Early 2025 Blockchain Gaming Funding Nosedives in Early 2025 cryptocurrency
Best Crypto Tax Software for 2020: Top Bitcoin Accounting Service Providers & Programs for Taxes Best Crypto Tax Software for 2020: Top Bitcoin Accounting Service Providers & Programs for Taxes cryptocurrency
Michael Saylor’s 2024 Bitcoin Explosion: Insights and Predictions – Michael Saylor’s 2024 Bitcoin Explosion: Insights and Predictions – cryptocurrency
BTC, XRP, BSV, XLM, ZEC Price Analysis for 01/08 BTC, XRP, BSV, XLM, ZEC Price Analysis for 01/08 cryptocurrency

Leave a Reply

Your email address will not be published. Required fields are marked *