The FBI reported that cybercriminals are selling usernames and passwords on a variety of public and dark web forums.
Three examples have been provided by the agency. As an example, in January 2022, college and university network credentials belonging to US universities and colleges were sold on Russian cybercrime forums. These credentials were sold for up to thousands of dollars in some cases.
Another example was observed in May 2021, when cybercriminals offered over 36,000 combinations of username and password for .edu accounts and the same was listed on an instant message platform.
Earlier, in late 2020, about 2,000 credentials for .edu accounts associated with US universities were posted on a dark web site as per the FBI. The agency noted that these credentials are often obtained through spear-phishing attacks, ransomware attacks, and other types of intrusions.
By exposing usernames and passwords, attackers can carry out brute force credential stuffing attacks, in which they attempt to log in to multiple online accounts or exploit them for subsequent cyberattacks as criminal actors use the same credentials across multiple accounts, websites, and services, the FBI warned.
The agency mentioned that the attackers are likely to use a victim’s account to deplete the value of the account and obtain credit card information and other personal information and make fraudulent transactions or use this information to attack affiliated organisations in the future if they successfully compromise a victim’s account.
The alert contains recommendations and mitigations, but academic institutions can also contact the FBI for assistance in identifying weaknesses and responding to incidents.
Written by: Sahid K P
Edited by: Adv. Sabrina Bath