JAKARTA - According to a new FBI report, discovered by Techspot, cybercriminals continue to carry out attacks on US colleges and universities leading to the disclosure of user information in public forums and cybercriminals.
Credentialing an organization is often a by-product of spear-phishing, ransomware, or other cyber intrusion tactics.
In 2017, hackers targeted universities to hack .edu accounts by cloning university login pages and embedding credentials in phishing emails.
The FBI has observed incidents of theft of higher education credential information posted on publicly accessible online forums or listed for sale on the criminal marketplace.
Exposure of usernames and passwords can lead to brute force credential stuffing attacks on computer networks, where the perpetrator sends packets of data and continues to get information from a site to an email.
SEE ALSO:
Next, perpetrators can take advantage of users who use the same credentials across multiple accounts, websites, and services, to gain an advantage.
Starting January 2022, network credentials and virtual private network access to several US universities are offered for sale on Russian cybercrime forums. The prices listed also vary from up to thousands of US dollars.
Last year, more than 36,000 email and password combinations for accounts with .edu domains were discovered on instant messaging platforms and made available to the public.
By the end of 2020, about 2,000 registered US territory-based university account usernames and passwords with .edu domains were found for sale on the dark web. Then, the seller asks for a donation for the identified bitcoin wallet.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)