You can buy or sell pretty much anything on the Darknet, Office 365 accounts inclusive. Security firm SenseCy recently came across a new advert promoting a new hidden service – Open Hacking Lab (OHL). Among the hacking arsenal usually offered for sale were the administrator credentials for Office 365 accounts. This is perhaps the first case of such accounts being sold on a Darknet platform.
More about the Open Hacking Lab
Generally, the Lab offers three categories of products:
- Hacking tools and resources;
- Hacked credentials;
- Hacking services.
More about Microsoft Office 365
As you know, Microsoft Office 365 is a software package that contains cloud services, and it is bought by both corporate clients and home users. The package for organizations provides email, storage, social network, SharePoint, etc., administered via cloud. Needless to say, obtaining admin’s access to an organization that runs the Office 365 package allows an attacker access to various types of sensitive information. The scenario could even end with full control over the organization’s network, as pointed out by SenseCy.
At the moment, 12 Office 365 accounts are for sale. The prices are from $15 for an account of a logistics company, to $100 for a law firm. There is a short description of every company, including country of origin and the types of data the potential buyer will obtain access to. The researchers say that “eight of these companies are based in the U.S., two in Europe and two in Canada”.
Who is behind Open Hacking Lab?
Apparently, the individual behind the service is well-known in several communities on the Darknet. His status displays credibility, and he is most likely a skilled criminal. OHL also supports a Twitter account connected to the service, where updates about the service are published.