Hundreds of Executive Accounts for Sale on Hacker Forum

According to a report by ZDNet, access to the accounts of several hundred top executives is being sold on the Exploit.in forum. The price for these credentials ranges from $100 to $1,500, depending on the size of the company and the victim’s position.

The seller is offering combinations of email addresses and passwords for Office 365 and Microsoft accounts, which he claims belong to high-ranking executives from various companies around the world. The data in the hacker’s possession includes credentials for CEOs, CTOs, COOs, CFOs, accountants, presidents, vice presidents, and others.

An anonymous source from the cybersecurity community agreed to contact the seller to obtain sample data and soon confirmed the authenticity of the information. The source was able to acquire valid credentials for two accounts: the CEO of an American software development company and the CFO of a retail chain in an EU country.

The source is now notifying representatives of these companies, as well as two other firms whose employee information is also in the hacker’s possession (these details were published by the hacker as samples).

The seller refused to disclose how he obtained the credentials but stated that he has hundreds available for sale.

According to analysts at KELA, this hacker has previously shown interest in purchasing “Azor logs”—data collected from computers infected with the Azorult infostealer. Such logs almost always contain usernames and passwords extracted from victims’ browsers. This information is typically gathered by infostealer operators, filtered, organized, and then sold on the black market.