Cybersecurity researchers from Nord Security have unearthed a new set of Trojan-type malware that has exploited over three million Windows computers and has stolen nearly 26 million login credentials for about a million websites.
Nord Security researchers have grouped the websites into a dozen categories. These include email services, financial platforms, e-commerce platforms, file storage and sharing services, and social media platforms.
In total, the report revealed that the unnamed malware succeeded in stealing about 1.2 terabytes of personal data including over a million unique email addresses, over two billion cookies, and more than six million other files.
There are millions of other details the threat actors were able to steal, according to the researchers.
The researchers also discovered 6 million files from the victims’ download folders and desktops that were stolen from this unnamed malware. It also took screenshots of the infected systems and tried to take a picture of the victim using the device’s webcam.
“For every malware that gets worldwide recognition and coverage, there are thousands of custom viruses made specifically for the buyer's needs. These are nameless pieces of malicious code that are compiled and sold on forums and private chats for as little as $100,” Nord Security, explained.
During their analysis, Nord security researchers observed that each malware that gets worldwide attention has thousands of custom viruses designed specifically for the needs of the br. This is not helped by the fact that there are several nameless malicious codes easily sold on private chats and forums at very cheap amounts.
“Antimalware software like antiviruses doesn’t fully protect our devices. Public Wi-Fi poses as much danger to our logins as malware does. In many cases, public Wi-Fi can have poorly configured firewalls that let hackers monitor your Wi-Fi connection,” Daniel Markuson, a digital security expert at NordVPN, Nord Security’s VPN service stated.
Hackers are now employing different attacking techniques to launch series of attacks on organizations and users. Last week, the REvil ransomware group targeted Kaseya VSA cloud-based solution and demanded $70 million as a price to unlock the systems encrypted during the supply-chain attack. The gang demanded the ransom of Bitcoin before releasing the tool that enables all affected businesses to recover their files.
