According to research carried out by experts at CloudSEKsome cybercriminals are stealing account X for a fee and then resell the same on Dark Web or use them directly for further cyber attacks.
In fact, by gaining access to certified accounts, it is easy for criminals to gain the trust of users, then spreading sites phishing, financial scams or other similar traps.
Thanks to the data collected by CloudSEK it was possible to notice how a new account on X is usually sold for around 30 cents on the dollar. Paid profiles, especially if created for at least 5 yearshowever, they have a much higher value, capable of ranging between 1,200 and 2,000 dollars.
The number of followers also influences the price, as is easy to imagine. The information analyzed so far indicates in broad terms how an account with 28.000 follower sold on the Dark Web can make money even $2,500 has a cybercriminal.
How do cybercriminals take over paid X accounts?
In most cases we are talking about brute force attacks, with energy and resources directed towards passwords. The targets of cybercriminals are often profiles that have been inactive for several years, and therefore rarely present systems safety e advanced protection.
CloudSEK, to demonstrate how widespread and dangerous this phenomenon is, wanted to cite perhaps the case that attracted the public’s attention the most. We’re talking about the recent theft of the co-founder’s account Ethereum, resulting in the spread of links to malicious websites by cyber criminals. In that case, in a few tens of minutes the criminals had managed to steal a lot $691,000 in cryptocurrency, before being blocked.
Finally, security experts wanted to give useful advice to avoid cases of this type, especially regarding company profiles, i.e. closing accounts permanently if you no longer intend to use them actively.