Hackers are selling stolen log-in details for major media organisations – potentially allowing fraudsters to plant fake news or malware.
Intelligence analysts say dark web hackers are advertising the security details of news websites and agencies to allow buyers to post or edit content.
Cybersecurity expert Omer Carmi, director of Sixgill, told news publication Foreign Policy: “For anyone with a strategic will or the strategic motivation to do that, it is a piece of cake.
“I only need to have credentials for this forum and $200 in Bitcoin, and I can just go in and publish whatever I want as an article.”
Sixgill discovered an ad offering access to 1,400 US magazines. Another post was for access to a major news wire service.
Is this a scam?
It is not known if the offers are legitimate, and it is not known if anyone has used the stolen credentials to publish fake news.
Last week, it was reported that a pair of hacker groups dubbed Alpha and Beta are believed to be behind cryptocurrency thefts totalling $1bn over recent years.
Analytics and security firm Chainalysis say the two groups account for 60% of all publicly reported crypto thefts.
Alpha is described as “a giant, tightly controlled organisation at least partly driven by non-monetary goals.”
Beta was dubbed “a less organised and smaller organisation absolutely focused on the money.”
Analysts added: “They don’t appear to care very much about evading detection.”
Chainalysis wrote on their website that there’s “no question” hacking will continue as it is the most lucrative of all crypto crimes.