How much are a CEO's email credentials worth? According to one hacker, anywhere between $100 and $1,500 will do, although the specific price will be set depending on the company's size and the individual's role in it. Unfortunately, this is not a drill: There are purportedly hundreds of C-suite level email credentials being sold on a Russian-speaking underground forum, ZDNet reported on Friday.
ZDNet found that the hacker is selling email and password combinations for Office 365 and Microsoft accounts belonging to high-level executives such as the CEO, COO, CFO, CMO and CTO, among many others. The hacker posted an ad for the credentials on Exploit.in, an underground forum for Russian-speaking hackers, along with login information for an executive at a UK business management consulting agency and for the president of a U.S. apparel and accessories maker as a way to prove his offering was legitimate.

Photo: Drew Angerer (Getty Images)
Per the report, ZDNet worked with an unnamed source in the cybersecurity community who contacted the hacker to obtain samples of the data being offered. The source gained access to valid login data for two Microsoft accounts. One of them belonged to the chief operating officer of a medium-sized U.S. software company and the other belonged to the CFO of a retail store chain based in the EU.
The outlet reports that the cybersecurity source has confirmed the validity of the data. The source is in the process of notifying all the companies that their executives' email credentials have been compromised.
Gizmodo reached out to Microsoft to ask it to verify the report and describe any actions taken.

“We are aware of the report and will do what is necessary to help support our customers,” a Microsoft spokesperson told Gizmodo via email. “We encourage customers to exercise good computing habits online, including exercising caution when clicking on links to web pages, opening unknown files, or accepting file transfers. To increase security we recommend taking additional steps like turning on multi-factor authentication.”
Microsoft also pointed Gizmodo to its online safety resources page.
Although it's not clear how the hacker obtained the hundreds of Microsoft email credentials he's selling, the cyber intelligence firm KELA offers a possible clue. KELA told ZDNet that the same hacker had in the past expressed interest in buying “Azor logs,” a reference to data collected from the AZORult trojan malware. AZORult steals data from compromised systems, including saved passwords from browsers and email, Skype message history, files from chat history, and desktop files, among many others.

Raveed Laeb, a product manager at KELA, told ZDNet that corporate email credentials can be exploited by cyber criminals in many ways.
“Attackers can use them for internal communications as part of a ‘CEO scam’—where criminals manipulate employees into wiring them large sums of money; they can be used in order to access sensitive information as part of an extortion scheme; or, these credentials can also be exploited in order to gain access to other internal systems that require email-based 2FA, in order to move laterally in the organization and conduct a network intrusion,” Laeb said.

As noted by ZDNet, the best way to protect yourself from these types of attacks is by enabling two-factor authentication, also known as multi-factor authentication. MFA requires you to present two pieces of evidence in order to gain access to your account. This means that a hacker would need to steal, for example, your credentials and your phone to be able to do something with them.
Do people do this though? Apparently not. At the beginning of the year, Microsoft stated that out of all the enterprise accounts hacked, only 11% had MFA enabled.
[ZDNet]

Update 2025-02-25, 11:55 p.m. ET: This post has been updated with additional comment from Microsoft.
Update 2025-05-01, 18:30 p.m. ET: The headline has been updated to clarify that it was not Microsoft C-suite executives who had their credentials stolen, but rather C-suite executives using Microsoft accounts. We regret the confusion.