The FBI has issued a warning about hackers selling VPN credentials for US college networks. Network credentials and virtual private network (VPN) access for schools and institutions in the United States are for sale on both underground and public criminal markets.
“This disclosure of critical credential and network access information, particularly privileged user accounts, might lead to later cyber attacks against individual users or linked businesses,” the FBI said in a recent statement.
Threat actors use strategies such as spear-phishing and ransomware to carry out credential harvesting activities against educational institutions. The credentials acquired are then exfiltrated and sold on Russian cybercrime forums for rates ranging from a few hundred to thousands of dollars.
Armed with this login information, attackers may undertake brute-force credential stuffing operations to break into victim accounts across many accounts, websites, and services, according to the agency.
“If attackers successfully compromise a victim account, they may attempt to drain the account of stored value, leverage or re-sell credit card numbers and other personally identifiable information, submit fraudulent transactions, exploit for other criminal activity against the account holder, or use for subsequent attacks against affiliated organizations,” according to the report FBI cautioned.
In May 2021, for example, the agency stated that it discovered more than 36,000 email and password combinations for email accounts ending in the “.edu” domain publicly available on an instant messaging platform used by a gang specializing in the trafficking of stolen login credentials.
Academic institutions are recommended to maintain operating systems and software up to date, enhance phishing awareness, safeguard accounts with two-factor authentication, monitor remote access, and establish network segmentation to avoid malware propagation.
Have you enjoyed reading this article? To read more exclusive material from THN, follow us on Facebook. The FBI has issued a warning about hackers selling VPN credentials for US college networks.