Researchers at a threat intelligence firm have revealed that over 120,000 devices infected with information-stealing malware have credentials associated with notorious cybercrime forums. Some of the forums had thousands of affected users.
With infostealing malware posing an ever-present threat to internet users, using antivirus tools with built-in data breach monitoring such as Surfshark One is advised.
Tens of Thousands of Hackers Have Details Exposed
According to new research from Hudson Rock, which has a database of information from devices infected by infostealing malware, 120,000 of these devices included information from “100 leading cybercrime forums”.
The firm says that “The substantial amount of data that is retrieved for each compromised computer when it is infected with an infostealing malware enables the real identities of the hackers to be discovered based on indicators”.
These include additional credentials found on the computers (such as additional emails, and usernames), auto-fill data containing personal information (such as names and phone numbers) and system information like IP addresses.
🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get a huge 86% off Surfshark with this special tech.co offer.
Cybercrime forums with members impacted include Breached.to, rf-cheats.ru, Nulled.to, and hackforums.net. Nulled.to alone had 57,000 compromised users.
Interestingly, “passwords from Cybercrime forums are stronger than passwords used for Government websites,” Hudson Rock said, and “exhibit fewer “very weak” passwords than industries like the military.”
Infostealing Malware on the Rise
Infostealing malware is a class of malicious software designed to extract important information from target computers.
Once it pierces a given device's defenses, the malware will execute and search the computer’s systems for passwords, bank details, and other sensitive information.
Infostealers make their way onto victims’ devices through a variety of different attack vectors, including phishing emails, fraudulent websites, and shady phone applications.
Hudson Rock says in their report that infostealing malware as cybercrime has increased by 6000% since 2018, with the main culprits being RedLine, Racoon, and Azorult. Other info stealers like Vidar have been around for years and still carry a present threat.
How Do You Protect Yourself From Infostealing Malware?
The best preventative step you can take is to ensure your device has capable, reliable antivirus software installed, and that it is regularly updated.
Also, it’s highly recommended that you use an antivirus software tool that includes dark web monitoring technology, which will ensure you’re alerted straight away if your details are leaked. This means you can either change your account credentials or notify your friends/family to watch out for scammers attempting to impersonate you.
Of course, activate multi-factor authentication on any account you hold that offers this as an option. This will mean that, even if someone has got a hold of your password, you’ll have a second line of defense.