Snow

Industry News

Subscribe

Contributors

Alberto Casares

Product Manager
Jonathan Nelson
Kem Gay
Keon Ramezani

Solutions Architecht
Susan McCorriston

About

ALTO + 4IQ = CONSTELLA We believe the only way to defeat digital risk is by knowing how to work together to safeguard what matters most. That’s why our leading Digital Risk Protection solutions are broad, collaborative and scalable, powered by a unique combination of proprietary data, technology and human expertise. We’re diverse, multinational and fully committed to making the world a safer place, 24x7—simply and without limitations

Contact

289 S San Antonio Rd. Suite 110, Los Altos CA 94022 USA
info@constellaintelligence.com
constellaintelligence.com

Statistics

	Posts:	430
	Reposts:	0

Constella Archive

A second life of exposed credentials

Alberto Casares

February 10, 2020

https://www.passle.net/Content/Images/passle_logo-186px.png Passle https://passle.net

Alberto Casares

Cybercriminals are taking the most of the data they stole, a clear example of this is what is happening with the Phorpiex botnet. They are using the exposed credentials from previous breaches to perform more sophisticated attacks. In this specific example, they have been using the exposed email and plain-text passwords for sextortion purposes.

For that reason, it is very important to measure the risk of the exposed information properly and not only based on the freshness of it. Even if it is old in the right/wrong hands can be useful or a threat.

{

The computers controlled by the Phorpiex botnet download a database of email addresses and corresponding credentials (likely acquired from Dark Web sites) from a command-and-control (C2) server. In the most recent campaign, researchers observed a downloaded database which contains up to 20,000 email addresses; but in various other campaigns, researchers said they observed between 325 and 1,363 email databases on the C2 server — racking up potentially millions of victims.

https://threatpost.com/phorpiex-botnet-shifts-ransomware-sextortion/149295/

unknownx500

More posts by Alberto Casares

Zoom the new objective of cybercriminals

Alberto Casares

Terrorists using cryptocurrency

Alberto Casares

The need for improving our KYC procedures

Alberto Casares

The evolution of traditional crime

Alberto Casares

The era of the threat hunters

Alberto Casares

Recent posts from Constella

Despite the Covid-19 pandemic, cyber startups' total funding continues to grow in 2020

Jonathan Nelson

1.3 Million Clubhouse Users Data Scraped and Exposed

Keon Ramezani

How Facebook's Data Leak Could Hurt You

Keon Ramezani

Security Teams: Be Mindful as Threats Evolve During Pandemic Transitions

Keon Ramezani

2020 Internet Crime Report: Cybercriminals exploiting the COVID crisis

Kem Gay

repost cancel

As a free user, you can follow Passle and like posts.

To repost this post to your own Passle blog, you will need to upgrade your account.

For plans and pricing, please contact our sales team at sales@passle.net

Sorry, you don't have permission to repost or create posts.

cancel