
Cybercrime-as-a-Service Drives Surge in Data Breaches and Stolen Credentials

The era of lone cybercriminals operating in isolation is over. In 2025, organized cybercrime groups dominate the threat landscape, leveraging large-scale operations and sophisticated tools to breach global organizations. Recent intelligence from Flashpoint reveals a troubling surge in cyberattacks during just the first half of the year, showing how professionalized cybercrime has become — particularly through the use of Cybercrime-as-a-Service (CaaS) offerings. 

One of the most alarming findings is the 235% rise in data breaches globally, with the United States accounting for two-thirds of these incidents. These breaches exposed an astounding 9.45 billion records. However, this number is eclipsed by the dramatic 800% increase in stolen login credentials. In total, threat actors using information-stealing malware compromised more than 1.8 billion credentials in just six months. 

These tools — such as Katz Stealer or Atlantis AIO — are widely accessible to hackers for as little as $30, yet they offer devastating capabilities, harvesting sensitive data from commonly used browsers and applications. Flashpoint’s report emphasizes that unauthorized access, largely facilitated by infostealers, was the initial attack vector in nearly 78% of breach cases. 

These tools enable threat actors to infiltrate organizations and pivot across networks and supply chains with ease. Because of their low cost and high effectiveness, infostealers are now the top choice for initial access among cybercriminals. This rise in credential theft coincides with a 179% surge in ransomware attacks during the same period. 

According to Ian Gray, Vice President of Cyber Threat Intelligence Operations at Flashpoint, this dramatic escalation highlights the industrial scale at which cybercrime is now conducted. The report suggests that to counter this growing threat, organizations must adopt a dual strategy: monitor stolen credential datasets and set up alert systems tied to specific compromised domains.  

Furthermore, the report advocates for moving beyond traditional password-based authentication. Replacing passwords and basic two-factor authentication (2FA) with passkeys or other robust methods can help reduce risk. 

As cybercriminal operations grow increasingly professional, relying on outdated security measures only makes organizations more vulnerable. With CaaS tools making sophisticated attacks more accessible than ever, companies must act swiftly to enhance identity protection, tighten access controls, and build real-time breach detection into their infrastructure. 

The rapid evolution of cybercrime in 2025 is a stark reminder that prevention and preparedness are more critical than ever.

FBI Alerts About Credential Stuffing Attacks, Configurations and Proxies Used

What is Credential Stuffing?

Credential stuffing attacks, also known as account cracking, consist of trying to take over online accounts using username and password combinations taken from existing data leaks or bought on dark web forums.

Because users keep reusing the same login for several accounts, credential stuffing attacks usually lead to significant financial damage from fraudulent purchases, system remediation and downtime, and also to reputational damage.

How is the attack done?

The use of authentic credentials lets attackers access accounts and services across different sectors, including healthcare, media companies, restaurant groups, retail chains, and food delivery firms.

Once the accounts are breached, the attackers make fraudulent purchases of goods and services and try to reach additional online resources, including other financial accounts. The FBI warns that proxies and configurations let cybercriminals automate the exploitation and brute forcing of accounts.

FBI involved 

The FBI said that media companies and restaurant groups in particular are considered lucrative targets for credential stuffing attacks because of the number of customer accounts, the general demand for their services, and the relative lack of importance users place on these types of accounts.

The FBI has issued a warning that attackers can buy combo lists of login credentials from dedicated platforms and websites, along with configs (configurations) that let them adapt credential stuffing tools to target specific victims.

A configuration specifies the HTTPS request format, the website's address, how to identify successful attempts, whether proxies are needed, and so on. The FBI also said that cybercriminals can find video tutorials on how credential stuffing can be used to hijack accounts.

Security Week says "to bypass defenses, threat actors may employ proxies, including legitimate proxy services, to obfuscate their actual IP addresses. According to the FBI, cybercriminals have extensively used residential proxies to execute credential stuffing attacks, as these are blocked less frequently compared to proxies associated with data centers."
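Detection logic for the campaign shape the alert describes, written for this post as an added example (it is not code from the FBI alert, SecurityWeek or the blog). Because a residential proxy pool gives each attempt its own source IP, a per-IP rate limit sees at most one failure per address and never fires; the detector below looks for the campaign-wide signature instead. The log layout, the thresholds and the local account list are assumptions, and the traffic is constructed.

```python
from collections import deque
from datetime import datetime, timedelta

KNOWN_USERS = {"alice", "bob", "carol", "dave"}  # assumed local account list

def parse_line(line):
    """Assumed layout: '<iso-timestamp> <username> <source-ip> <OK|FAIL>'."""
    ts, user, ip, result = line.split()
    return datetime.fromisoformat(ts), user, ip, result

def detect_stuffing(lines, window=timedelta(minutes=5), min_fails=20,
                    min_user_spread=0.8, min_ips=10, min_unknown=0.5):
    """Slide a window over FAIL events and flag the combo-list signature:
    nearly every failure is a different username, they arrive from many
    source IPs (the proxy pool), and most usernames do not exist here because
    the list came from another site's breach. Each match yields
    (timestamp, fails, distinct_users, distinct_ips, unknown_user_ratio)."""
    fails, alerts = deque(), []
    for line in lines:
        ts, user, ip, result = parse_line(line)
        if result != "FAIL":
            continue
        fails.append((ts, user, ip))
        while ts - fails[0][0] > window:  # expire events older than the window
            fails.popleft()
        users = {u for _, u, _ in fails}
        ips = {i for _, _, i in fails}
        if len(fails) < min_fails:
            continue
        unknown = sum(u not in KNOWN_USERS for u in users) / len(users)
        if (len(users) / len(fails) >= min_user_spread
                and len(ips) >= min_ips and unknown >= min_unknown):
            alerts.append((ts, len(fails), len(users), len(ips), round(unknown, 2)))
    return alerts

def build_sample_log():
    """Constructed traffic: a quiet morning, then a 60-second stuffing burst."""
    base = datetime(2025, 7, 1, 9, 0, 0)
    lines = [f"{base.isoformat()} alice 203.0.113.5 OK",
             f"{(base + timedelta(seconds=30)).isoformat()} bob 203.0.113.6 FAIL",
             f"{(base + timedelta(seconds=40)).isoformat()} bob 203.0.113.6 OK"]
    burst = base + timedelta(minutes=30)
    for i in range(30):  # 30 leaked combos, each sent via a different proxy exit
        ts = (burst + timedelta(seconds=2 * i)).isoformat()
        lines.append(f"{ts} leaked{i:02d}@example.com 198.51.100.{i + 1} FAIL")
    return lines
```

On the constructed log the first alert fires at the 20th failure of the burst, with 20 distinct usernames from 20 distinct IPs and none of the usernames known locally, while the single mistyped password earlier in the morning produces nothing.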