BTC $62590.5912
ETH $2457.3675
BNB $572.8118
SOL $146.5688
XRP $0.5318
DOGE $0.1107
TRX $0.1627
TON $5.2482
ADA $0.3526
AVAX $29.0040
wstETH $2903.6612
WBTC $62544.8156
WETH $2454.9218
UNI $7.9080
LINK $10.8961
BCH $324.5102
DOT $4.1324
SUI $2.1671
DAI $0.9999
APT $9.9757
LTC $65.2573
TAO $637.3596
weETH $2581.8036
PEPE $0.0000
BSC-USD $1.0005
FET $1.4224
ICP $7.8952
CAKE $1.8241
KAS $0.1330
FDUSD $0.9987
IMX $1.5159
NEAR $4.7278
XMR $151.6159
POL $0.3667
ETC $18.5606
RENDER $5.3017
WIF $2.7017
STX $1.7208
USDE $0.9990
BABYDOGE $0.0000
AAVE $152.7170
WBT $15.2903
FIL $3.5548
INJ $20.2062
MNT $0.6042
HBAR $0.0505
XLM $0.0908
BTC $62590.5912
ETH $2457.3675
BNB $572.8118
SOL $146.5688
XRP $0.5318
DOGE $0.1107
TRX $0.1627
TON $5.2482
ADA $0.3526
AVAX $29.0040
wstETH $2903.6612
WBTC $62544.8156
WETH $2454.9218
UNI $7.9080
LINK $10.8961
BCH $324.5102
DOT $4.1324
SUI $2.1671
DAI $0.9999
APT $9.9757
LTC $65.2573
TAO $637.3596
weETH $2581.8036
PEPE $0.0000
BSC-USD $1.0005
FET $1.4224
ICP $7.8952
CAKE $1.8241
KAS $0.1330
FDUSD $0.9987
IMX $1.5159
NEAR $4.7278
XMR $151.6159
POL $0.3667
ETC $18.5606
RENDER $5.3017
WIF $2.7017
STX $1.7208
USDE $0.9990
BABYDOGE $0.0000
AAVE $152.7170
WBT $15.2903
FIL $3.5548
INJ $20.2062
MNT $0.6042
HBAR $0.0505
XLM $0.0908
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Credentials are the most delectable treat for cybercriminals

    Who gets paid to steal our passwords and logins?

    Cybercriminals now value user information, like usernames and passwords that let them into different services, very highly. A study from 2023 from Verizon says that 83% of leaks are caused by outsiders. Also, hackers get into company systems and networks 49% of the time by using stolen passwords.

    One of the best tools is phishing, which is a type of social engineering. People are usually tricked by fake emails that look like they are from well-known companies or government agencies and ask them to sign up or log in to a website that looks like it is real. Here, the person gives the scammers his information himself, so there is no need for any other fraud.

    Many security steps have already been made to stop phishing. Because of this, thieves are always getting better and coming up with even smarter schemes.

    Sending a phishing email first, then a call or voice message from a bank or other group is a new method. To get the victim to believe them, this is done. Attacks are also made more specific by using smartphone apps and artificial intelligence (AI) technologies.

    People who are better at phishing sell their tools and tried-and-true methods on the black market. It's known as "phishing-as-a-service" (PaaS).

    One well-known tool is the W3LL panel from the same-named group. It even has its own black market called the W3LL Store. The tool is made to break into Microsoft 365 business email. One of the most advanced forms of phishing that is growing on the dark web, it lets you get around multi-factor authentication.

    Researchers say that this tool was used to break into at least 8,000 of the 56,000 Microsoft 365 accounts between October 2022 and July 2023.

    The W3LL developers are selling more useful things besides the mailbox hacking tool, such as:

    • Email address lists that have been hacked
    • Information on how to get into hacked email accounts
    • Get to info for VPN connections that have been hacked
    • Hackers can get into websites and online services
    • Templates and tools that are already made to organize phishing emails
    • Greatness is a related tool that is also used to get around multi-factor authentication (MFA) and is aimed at Microsoft 365 users.

    An employee is tricked into logging in to a fake Microsoft 365 account by a scam email. For extra safety, the email address is already filled in on the form. Greatness connects to the service and gets around MFA by asking the target to enter the code on a fake page after they enter their password. Hackers can then use this code to get into the real account because it is sent to a secret Telegram channel. To install and set up the Greatness suite, you need an API key.

    On the dark web in 2022, more than 24 billion accounts that had been hacked were for sale. It costs anywhere from a few dollars for a simple account to thousands of dollars to get entry to bank accounts.

    To buy data, you need to be able to get into certain underground sites. This sometimes needs a request from a member who is already there. The information that was gathered is used to commit scams, steal money, and do other illegal things.

    Reusing identities, which means people who use the same usernames and passwords on different sites, is a very big risk. Attackers can get into the company network even if the systems are very well protected. All it takes is for an employee account to be hacked on another site.

    There are numbers that show that more than 80% of people log into different systems with the same login. This is what hackers use to their advantage.

    Companies are told to use special tools to block known passwords that have been stolen to lower their risks.

    One example is the Specops Password Policy service, which lets you keep more than 4 billion passwords out of the Active Directory database. If that kind of password is tried to be set, the system will tell the worker to make a new, safer one.

    So, you can make both business and personal accounts much safer by using an integrated method and modern technologies. This means making it harder for people to commit cybercrime and keeping the company from losing money.

    Author reign3d
    Understanding Backdoors: Their Role and Impact in Digital Security
    Use of Stolen Personal Data: Risks and Realities

    Comments 0

    Add comment