A Russian website on the dark web is currently selling hundreds of passwords belonging to Dutch companies.
For just a few dollars, users are able to buy access to breached systems, thereby gaining access to highly sensitive data at the same time.
The logins available for purchase on this darknet site unlock several types of records, ranging from medical details to financial documents.
Hacking Site Offers Remote Access
According a report by Netherlands-based media outlet RTL News, the darknet site sells over 900 passwords belonging to Dutch companies.
The list of passwords is updated on a daily basis, and dozens of new passwords are added on the website.
In total, the site offers roughly 64,000 login details for international sales. Per login, buyers can pay between $4 to $15.
Reporters at RTL News tested the credibility of the site and purchased login information about five different Dutch companies.
What they received was exactly what the Russian website was offering, access to the records of the businesses.
As a result, RTL News was able to access various types of data including the accounting records of professionals that are self-employed, top athletes' medical records and even the management system of a primary school.
Prior to publication, RTL informed the five companies they managed to gain access to.
Although the news outlet chose to inform the unaware victims, some dark web users will take this opportunity to make profits.
The Russian website allows cybercriminals to purchase and later use this information to threaten the companies and their customers of publishing the data or simply reselling the information in the future.
On the darknet site, there is a whole section dedicated to this type of data. Here, you can filter the information by city, country, operating system, internet provider and so on.
The computers that are accessible and open to attack even show the browsers, the online banking systems, webshops and emails that have been used.
It is still unknown who is behind this dark web Russian platform.
Access to Highly Sensitive Data
As disclosed by the RTL News reporters, once the information is purchased from the website, you are given access to one of the victim's computers.
This breach was enabled by the fact that the victims' computers were remotely accessible and used very weak passwords.
As mentioned, RTL News bought data from different companies, one of which was a large physiotherapy practice.
This practice treated famous athletes and counted more than 10,000 patients. The login details RTL gained access to were from an account the IT administrator of the practice created in order to control the computers remotely.
The account, named "Test," had a "Welcome123" password-an extremely easy code for cybercriminals to hack.
With the purchase of this login data, RTL News was able to access all the documentation of the practice.
A variety of doctors' referrals, treatment plans and personal information could be found.
RTL News also purchased login details from a webshop owner and an accountant.
From the personal computer of the webshop owner who handled several orders daily, they were able to access all the information about the customers, their names, residential addresses, phone numbers, products they ordered as well as account numbers.
When RTL News accessed the accountant's computer, they found all the financial data of self-employed people.
On one computer owned by a law firm, the reporters were not able to enter sensitive files.
The details about the login were correct, but they needed a verification code to access the files.
This Two-Factor Authentication process set by the law firm made it clear how little it is needed for your highly sensitive data to be safe from remote access.
Two-Factor Authentication is strongly recommended by cybersecurity experts and governments around the world.
They also advise all companies to use strong and unique passwords to increase protection.
