A new report shows that hackers are selling access to 576 corporate networks worldwide for a total of $4,000,000, increasing attacks against organizations. The research comes from Israeli cyber-intelligence firm KELA, which published its Q3 2022 Ransomware Report, which has been operating steadily in the early access sales industry but has seen a sharp increase in the value of offers.

While the number of network access sales has remained almost the same as in the previous two quarters, the total asking price has now reached $4,000,000. By comparison, the total value of primary access listings in Q2 2022 was $660,000, with a decrease in value. This coincided with the summer ransomware outage hitting demand.

The path to ransomware

Initial Access Agents (IABs) are hackers who sell access to corporate networks, often by stealing credentials, web shells, or exploiting vulnerabilities in common hardware.

Once established on the network, attackers sell this corporate access to other hackers who use it to steal valuable data, distribute ransomware or other malicious activities.

IABs’ reasons for not using network access range from a lack of various response skills to a preference not to risk growing legal issues. Although they were disabled last year when major ransomware gangs operating as criminal organizations ran their own IAB departments, the IAB still plays a critical role in the ransomware infection chain. Source