Price Dropped on Hacked Educational RDP Details

Hackers selling network access to 7500 educational establishments have reportedly dropped their asking price.

Reports emerged last week that access was being sold by a threat actor on multiple Russian hacker forums and as well as educational organizations. The package also included access to corporate networks from other verticals, such as entertainment and the bar industry.

In particular, access to the networks via remote desktop protocol was being sold, with the initial bid for the entire package starting at 25 BTC (roughly $330,000) and the buy now option at 75 BTC (about $1,000,000).

In an email to Infosecurity, Kacey Clark, security researcher at Digital Shadows, said these were posted on the Russian-language cyber-criminal forums Exploit and XSS; however, they are yet to receive any responses from other forum users on either platform.

“There are no indications yet as to which entities/organizations are involved, and this will likely remain the case to keep the offering available,” Clark said.

Digital Shadows also confirmed that the threat actor reduced the asking price to BTC 10 (USD 155,300) from BTC 25 (USD 387,000) on November 4, “but this is still a significant amount of money even on these forums, hence why it might be taking longer to sell,” Clark said.

Clark also made the point that whilst the user only registered on the forums relatively recently, they have deposited significant funds into both of their forum accounts, likely in an effort to substantiate their credibility on these forums and justify the legitimacy of their presence.

“Interestingly, they have even sponsored the most recent articles competition on XSS, which indica ..

Support the originator by clicking the read the rest link below.