Security experts identified over 140,000 compromised passwords linked to accounts on hacker forums after their owners were infected with data-stealing malware.
Hudson Rock searched its cybercrime intelligence database for infected computers with credentials connected with the top 100 cybercrime sites. It discovered 120,000 identical computers, claiming that many of them belonged to hackers.
When a machine is infected with information-stealing malware, a "substantial" amount of data, including emails and account usernames, auto-fill data containing personal information such as addresses and phone numbers, and system information such as IP addresses, can be retrieved, security firm explained.
“Info-stealer infections as a cybercrime trend surged by an incredible 6000% since 2018, positioning them as the primary initial attack vector used by threat actors to infiltrate organisations and execute cyber-attacks, including ransomware, data breaches, account overtakes, and corporate espionage,” the company added.
Redline, Raccoon, and Azorult accounted for the majority of the info-stealer malware that was discovered throughout the research. The analysis found that the majority of those exposed were from Tunisia, then Malaysia, Belgium, the Netherlands, and Israel.
The cybercrime forum "Nulled.to," which was followed by "Cracked.io" and "Hackforums.net," had the most users who had been exposed to malware.
It's interesting that the research team discovered that a large portion of the credentials used on hacking sites were more robust than those employed on government and military websites.
“By analyzing passwords of users from the various forums, Hudson Rock determined that the forum with the strongest user passwords is Breached.to, while the one with the weakest user passwords is the Russian site Rf-cheats.ru,” the vendor concluded.
The cybercrime underground frequently sees a high number of usernames and passwords in circulation. SpyCloud detected billions more pieces of personal information (PII) and almost 1.5 billion compromised log-in combinations online in 2021.
SpyCloud discovered that 60% of credentials for users who had multiple passwords exposed were shared across accounts, and that number rose to 87% for US.gov emails, leaving them vulnerable to brute force attacks and credential stuffing.
Prevention tips
Having strong, dependable antivirus software installed on your device and keeping it updated on a regular basis is the best preventative measure you can take.
You should also use antivirus software that has dark web monitoring technologies so that you'll be immediately informed if your information is compromised. You can either do this by changing your login details or by warning your friends and family to be on the lookout for scammers impersonating as you.
