Logins for US Navy, NASA's JPL among US gov logins sold on deepweb
Just US$2132 gets you half a dozen live Navy.mil accounts
14 Sep 2016 at 07:35, Darren Pauli
Hackers are claiming to have accounts at major United States government agencies for sale, including NASA, the Navy, and the Department of Veteran Affairs.
The unverified cache found by Infoarmor chief intelligence officer Andrew Komarov includes 33,000 records tied to the US Government, plus research and educational organisations and universities.
Agencies on the list include the US General Services Administration, National Parks Service, and the Federal Aviation Administration. One government data listing visited by The Register promised alleged access to six unnamed accounts for subdomains of the US Navy including 3.5 bitcoins (US$2132).
They are also selling alleged access to five accounts across subdomains for NASA's Jet Propulsion Lab for three bitcoins (US$1827).
Another three logins to servers of the US Centres of Disease Control and Prevention over FTP and SFTP were being flogged for half a Bitcoin (US$300).
Komarov says the data was likely stolen from the National Institute of Building Sciences.
"It contains numerous members from the research, educational, government and military community."
One of the sellers, known as "poporet", is selling a revamped trojan that targets US bureaucrats and could be behind the rash of purported Government data dumps.
The remote access trojans known as GovRAT has been overhauled and is being sold for a relatively cheap price of up to US$6000 for source code, and US$1000 for basic components.
"The dynamics of growth show an extreme interest in hi-tech, scientific and federal sectors, Komarov says.
The trend is also very visible regarding defence and military employees".
GovRAT has also been upgraded with various anti-analysis and anti-security techniques. ®