Live Now:
An access broker is a cybercriminal who specializes in gaining unauthorized access to computer systems and then selling that access to other threat actors.
Access brokers operate as intermediaries in the cybercriminal ecosystem, selling their compromised access through dark web marketplaces to ransomware groups, data thieves, or other malicious actors who lack the technical skills or time to perform initial network penetration themselves. They often advertise their wares by specifying the type of organization compromised, the level of access obtained (such as domain administrator privileges), and the asking price.
This division of labor makes cyberattacks more efficient and dangerous, as it allows specialized criminals to focus on their particular expertise while expanding the pool of potential attackers. Access brokers have become increasingly prevalent in recent years, contributing significantly to the rise in ransomware attacks and data breaches by lowering the barrier to entry for less technically sophisticated criminal groups.
