"Hundreds of Network Operators' Credentials Found Circulating in Dark Web"

Resecurity found the credentials of over 1,572 RIPE, APNIC, AFRINIC, and LACNIC customers on the dark web. These individuals had been compromised because of malware activity involving password stealers such as Redline, Vidar, Lumma, Azorult, and Taurus. The stolen credentials were found to be available for purchase on underground marketplaces. Cybersecurity experts described the risks posed by dark web actors using compromised credentials belonging to Internet Service Provider (ISP)/Telecommunications engineers, data center technicians, network engineers, Information Technology (IT) infrastructure managers, and outsourcing companies. A significant risk is that Initial Access Brokers (IABs) collaborate with ransomware groups or sophisticated cybercriminals. They could purchase credentials belonging to a compromised network engineer from an ISP and later use them in a larger attack. This article continues to discuss the discovery of network operators' credentials circulating on the dark web.

Help Net Security reports "Hundreds of Network Operators' Credentials Found Circulating in Dark Web"

Submitted by grigby1