Hackers are seeking out company insiders on the black market
Security

Hackers are seeking out company insiders on the black market

If you’re the CEO of a company, here’s another threat you need to worry about: hackers trying to recruit your employees for insider-related crimes.

Researchers at security firms RedOwl and IntSights have noticed growing activity from online black market dealers trying to recruit company employees for insider trading and cashing out stolen credit card numbers. 

These dealers are appearing on underground forums located on the dark web, which are accessible through Tor, a browser designed for anonymous web surfing, according to the researchers, who published their findings on Tuesday. 

Hackers in these underground forums have been looking for employees to collude in insider trading to make educated stock market bets. One site has been helping its members engage in this illicit activity, and garnered over 40 bitcoin ($39,755) in total transactions

“According to the group’s manager, there are members who make more than $5,000 USD a month using the leaked information,” the research report said. Membership, in the forum, however, requires a 1 bitcoin ($995) fee.

The administrator of another forum dedicated to the illicit activity claims to be a former European IT entrepreneur who’s trying to create a “well-selected community” to exchange insider information on publicly traded companies.

Hackers are also recruiting employees in the retail sector to help them make purchases with stolen credit card numbers.

The researchers found one wanted ad in a dark web forum for a retail cashier worker to make iPhone 6 purchases in exchange for £100 (US$127).

In other cases, hackers have been found trying to arm insiders with cyber tools to help steal data or commit fraud, according to the researchers. “In one instance, a hacker solicited bank insiders to plant malware directly onto the bank’s network,” the report said.

The researchers found that one hacker offered to pay the insider “7 figures on a weekly basis” for access to a bank’s computer.

The report from RedOwl and IntSights involved monitoring activity on underground forums for references to insider-related crimes over a two-year period starting in Jan. 2015. It noticed about 1,000 references and a spike in the latter months of 2016,

The security firms suggest that companies take the insider threat more seriously by using IT security systems to carefully monitor employees for unwanted behavior without violating their privacy.

Other security experts also advise that companies segregate valuable data from employees who have no reason to use it, or hire professionals to handle investigations that deal with suspected insider theft.

IDG Insider

PREVIOUS ARTICLE

«HPE acquires security startup Niara to boost its ClearPass portfolio

NEXT ARTICLE

AT&T wants to be the Linus Torvalds of network software»
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should companies have Bitcoins on hand in preparation for a Ransomware attack?