
Hackers Selling US College VPN Credentials on Underground Markets, FBI Warns

Vlad CONSTANTINESCU

Hackers are advertising Network and Virtual Private Network (VPN) credentials and access codes for US colleges and universities on underground and public cybercrime marketplaces. The credentials could let attackers infiltrate vulnerable networks and conduct subsequent attacks against their users.

“This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations,” according to an FBI advisory.

The report shows that threat actors leverage various tools and tactics, such as ransomware and spear-phishing, to execute credential harvesting attacks. Attackers exfiltrate the stolen data and market it on Russian cybercrime forums; some credentials are reportedly sold for thousands of US dollars.

Threat actors who buy stolen credentials often use them in brute-force credential stuffing attacks, which can provide attackers with accounts of the same victim on various platforms, websites and password-protected services.

“If attackers are successful in compromising a victim account, they may attempt to drain the account of stored value, leverage or re-sell credit card numbers and other personally identifiable information, submit fraudulent transactions, exploit for other criminal activity against the account holder, or use for subsequent attacks against affiliated organizations,” the FBI warns.

Credential stuffing is a type of cyberattack where the perpetrator uses lists of stolen credentials (usernames, email addresses, passwords) to gain unauthorized access to user accounts, mainly through brute force.

Unfortunately, a single set of credentials often unlocks multiple accounts since many people repeat username and password combinations on multiple services or websites. Fortunately, mitigation against credential stuffing is easy -- avoid using the same email address, username and password for several accounts.

Furthermore, a strong password (minimum character limit, combinations of uppercase, lowercase, numbers and symbols) or a password manager can decrease the odds of being hit by credential stuffing attacks.

The FBI released a list of mitigation strategies to “reduce the risk of compromise,” namely:

  • Keeping operating systems and software up to date
  • Implementing strong password policies
  • Enabling lock-out rules for failed authentication attempts
  • Enabling mandatory multi-factor authentication (MFA)
  • Implementing user training programs and phishing exercises
  • Segmenting networks to reduce the odds of malware spreading
  • Using network monitoring tools to detect, log and report abnormal activity
  • Monitoring remote desktop protocol (RDP) usage
  • Documenting and limiting external connections to the network
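
An added example, not part of the FBI advisory or the original article: per-account lock-out tends to miss credential stuffing because each username sees only one or two attempts, so this Python check also counts distinct usernames failing per source address and lists accounts that logged in successfully from a flagged source. The log format, thresholds and function names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample VPN auth events: "timestamp source_ip username outcome".
# IPs come from documentation ranges; usernames are invented.
SAMPLE_LOG = """\
2022-05-27T02:00:01 203.0.113.7 asmith FAIL
2022-05-27T02:00:03 203.0.113.7 bjones FAIL
2022-05-27T02:00:04 203.0.113.7 cwu FAIL
2022-05-27T02:00:06 203.0.113.7 dpatel FAIL
2022-05-27T02:00:09 203.0.113.7 egarcia OK
2022-05-27T02:00:11 203.0.113.7 fkhan FAIL
2022-05-27T09:15:00 198.51.100.20 gnovak FAIL
2022-05-27T09:15:20 198.51.100.20 gnovak FAIL
2022-05-27T09:15:41 198.51.100.20 gnovak OK
"""

def parse(log):
    """Yield (time, source_ip, username, outcome) from the assumed log format."""
    for line in log.splitlines():
        ts, ip, user, outcome = line.split()
        yield datetime.fromisoformat(ts), ip, user, outcome

def analyze(log, window=timedelta(minutes=10), lockout_after=3, min_users=5):
    events = sorted(parse(log))
    fails_by_user = defaultdict(list)  # username -> failure times
    fails_by_ip = defaultdict(list)    # source IP -> (time, username)
    for ts, ip, user, outcome in events:
        if outcome == "FAIL":
            fails_by_user[user].append(ts)
            fails_by_ip[ip].append((ts, user))
    # Per-account lock-out rule: N failures for one username inside the window.
    locked = {u for u, times in fails_by_user.items()
              if any(len([t for t in times if s <= t < s + window]) >= lockout_after
                     for s in times)}
    # Stuffing signature: one source failing against many distinct usernames.
    sources = {ip for ip, fl in fails_by_ip.items()
               if any(len({u for t, u in fl if s <= t < s + window}) >= min_users
                      for s, _ in fl)}
    # A success from a flagged source means a reused credential pair worked.
    exposed = {u for _, ip, u, o in events if o == "OK" and ip in sources}
    return {"locked": sorted(locked),
            "stuffing_sources": sorted(sources),
            "reset_passwords": sorted(exposed)}

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

On the sample data no account reaches the lock-out threshold, yet one source is flagged and one account is listed for a password reset.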
