Search This Blog

Showing posts with label Credentials. Show all posts

This Malware is Spreading Via Fake Cracks

 

An updated sample of the CopperStealer malware has been detected, infecting devices via websites providing fraudulent cracks for applications and other software.

Cyber attackers employ these bogus apps to perform a range of assaults. The hackers in this assault operation took advantage of the desire for cracks by releasing a phoney cracked programme that actually contained malware. 

The infection starts with a website or Telegram channel offering/presenting false cracks for downloading and installing the needed cracks. The downloaded archive files include a password-protected text file and another encrypted archive. 

The decrypted archive displays the executable files when the password specified in the text file is typed. There are two files in this sample: CopperStealer and VidarStealer. 

What are the impacts of Copper Stealer and Vidar Stealer on the systems? 

CopperStealer and Vidar stealer can cause many system infections, major privacy problems, financial losses, and identity theft. 
  • CopperStealer: The primary function of CopperStealer is to steal stored login information - usernames and passwords - as well as internet cookies from certain browsers. Mostly focuses on the login details for business-oriented Facebook and Instagram accounts. CopperStealer variants also seek login credentials for platforms and services such as Twitter, Tumblr, Apple, Amazon, Bing, and Apple. The malware can steal Facebook-related credentials from browsers such as Google Chrome, Microsoft Edge, Mozilla Firefox, Opera, and Yandex.
  • Vidar stealer: The most common ways for this malware to propagate are through pirated software and targeted phishing efforts. Vidar stealer is capable of stealing credit cards, usernames, passwords, data, and screenshots of the user's desktop. The malware steals data from a range of browsers and other system apps. It can also steal cryptocurrency wallets such as Bitcoin and Ethereum. 
Safety first

Attackers can utilise data stealers like CopperStealer to steal sensitive information for more illegal reasons. Users can stay secure by taking the following precautions: 
  • Downloading cracks from third-party websites should be avoided. 
  • Keep the systems up to date with the newest patches. 
  • It is highly advised that security detection and prevention technologies be enabled to safeguard systems from attacks.

Watch out for Christmas 2021 Credential Stuffing Attacks!

 

As per Arkose Labs' research, there were over two billion credential stuffing attacks (2,831,028,247) in the last 12 months, with the number increasing exponentially between October 2020 to September 2021. 

This form of online fraud has increased by 98 percent over the previous year, and it is projected to spike during the Christmas shopping season. Credential stuffing attacks in 2021 accounted for 5% of all web traffic in the first half of 2021. 

Credential stuffing is the most recent cyber-attack technique used by online criminals to obtain unauthorized access to users' financial and personal accounts. Cybercriminals take control of real user accounts and monetize them in a variety of ways. These include draining money from compromised accounts, collecting and reselling personal information, selling databases of the known verified username and password combinations, and exploiting compromised accounts to launder money obtained from other illegal sources. People who reuse the same username/password combination across various sites are frequently targeted by cybercriminals. 

The anti-fraud community has highlighted credential stuffing as an increasing problem in recent years. However, due to the jump in internet activity in the pandemic and the growth of online purchasing, it has risen in recent months. Credential stuffing increased 56 percent during the Christmas and New Year shopping season last year, according to research analysts, with forecasts that the same period in 2021 will witness up to eight million attacks on consumers every day. 

The Arkose Labs network detected and blocked 285 million credential stuffing assaults in the first half of 2021, with spikes of up to 80 million in a single week. In just one week, one intensively targeted social media organization experienced 1.5 million credential stuffing attacks. 

Kevin Gosschalk, CEO at Arkose Labs stated, “The global e-commerce landscape is more connected than ever before and personal information has become the currency of fraudsters. Credential stuffing is prolific. It’s become an enormous concern to online businesses and is fast overtaking other well-known attack tactics, such as ransomware, as THE cyber attack to watch out for.” 

“Fraudsters are compelled to this type of cybercrime as the low barrier to entry makes it easy to deploy and online criminals can generate profits with just one successful compromised account. Their volumetric approach can come on abruptly, quickly overloading businesses’ servers and putting customers at risk.” 

Other key information 

According to the research team's newest findings, 
  • The top attacked industries by sector include gaming, digital and social media, and financial services. 
  • Credential stuffing assaults accounted for over half of all attacks aimed at the gaming industry. 
  • The United Kingdom was also named as one of the top three regions that carried out the most credential stuffing attacks against the rest of the world. 
  • Alongside, Asia and North America, both demonstrated massive amounts of fraudulent activity emanating from their respective regions.
  • During the first half of 2021, mobile-based attacks accounted for approximately one-quarter of all attacks.