Initial Access Broker Activity Doubles in a Year


Security researchers detected twice as many cases of corporate access being sold on the dark web by initial access brokers (IABs) last year as during the previous 12 months, with the number of brokers also surging.

Group-IB spotted 2348 instances of IAB sales activity between H2 2021 and H1 2022, with the number of countries in which victim organizations are located also increasing – by 41% to a total of 96 during the period.

US companies were the most popular targets, while in terms of sectors it was manufacturing (5.8%), financial services (5.1%), real estate (4.6%) and education (4.2%) that were most frequently targeted.

Compromised RDP (36%) and VPN (37%) accounts were most commonly offered by IABs, according to Group-IB’s report, Hi-Tech Crime Trends 2022/2023.

Read more…