Shipping company credentials shared on underground cybercrime


A cybercrime intelligence firm has revealed that underground cybercrime matches the credentials of shipping companies.

Over the past several months, Intel 471 has observed network access brokers selling credentials or other forms of access to transportation and logistics companies as part of underground cybercrime. The companies whose references are sold range from air, land and sea freight transport.

The company’s observations included:

Within two weeks in July 2021, a new user and a well-known access broker claimed to have access to a network owned by a Japanese container shipping and shipping company. The new user included company credentials in a dump of 50 other companies.

In August 2021, a user known to work with groups that deployed the Conti ransomware claimed access to corporate networks owned by a US-based transportation and trucking management software provider and a company freight forwarding service based in the United States.

READ: Evolve cybersecurity in ports (£)

In September 2021, a user linked to the FiveHands ransomware group claimed access to hundreds of companies, including a UK-based logistics company. Additionally, a new user claimed to have gained access to a Bangladesh-based transportation and logistics company.

In October 2021, a newcomer to a well-known cybercrime forum claimed access to the network of a US-based freight forwarding company, alleging he had local administrator rights and could access 20 computers on the company network. Also in October, a newcomer to another well-known cybercrime forum claimed access to a Malaysian logistics company.

Hong Kong-based shipping carrier Orient Overseas Container Line (OOCL) has learned of a recent increase in fraudulent activity and has reminded its customers to remain vigilant to protect them against potential financial loss and cyber risk.

In his latest customer service update, he said that fraudsters could attempt to defraud remittances through unauthorized use of OOCL’s name via email, advising the victim to change the bank account number of receipt of payment in that belonging to the fraudster.


About Author

Leave A Reply