A Mystery Malware has stolen 26 million passwords from Windows computers

Researchers have found another massive set of sensitive data, including a 1.2 TB database of login credentials, browser cookies, autofill data, and payment information collected by malware that is yet to be identified.

All in all, NordLocker researchers said on Wednesday, the database had 26 million login credentials, 1.1 million unique email addresses, more than 2 billion browser cookies and 6.6 million files. In some cases, victims stored passwords in text files created with the Notepad application.

The repository also included more than a million images and more than 650,000 Word and PDF files. In addition, the malware took a screenshot after infecting the computer and took a picture via the device’s webcam. The stolen data also came from messaging, email, gaming and file-sharing apps. Data was extracted between 2018 and 2020 from more than 3 million computers.

The discovery came amid an epidemic of security breaches involving ransomware and other types of malware, which are considered big business. In some cases, including the May ransomware attack on Colonial Pipeline, hackers first gained access using compromised accounts. Many such credentials are for sale online.

Alon Gal, co-founder and CEO of security company Hudson Rock, said the data comes from malware installed by an attacker who is often trying to steal cryptocurrency or commit a similar type of crime.

The attacker “is likely to try to steal cryptocurrencies, and when he’s done with the information, he’ll sell it to groups with ransomware, data breaches, and corporate espionage,” Gal told me. “These thefts capture browser passwords, cookies, files and more and send them to the address [command and control server] of the attacker.”

According to investigators at NordLocker, there is no shortage of sources from which attackers can obtain such information.

“Actually, anyone can get personalized malware,” the researchers wrote. “It’s cheap, it’s customizable, and it can be found online. Dark web advertisements for these viruses find even more truth about this market. For example, anyone can get lessons from using their personalized malware and stolen data for $100. And custom means custom; advertisers promise that they can create a virus to attack almost any application the buyer needs.”

NordLocker was unable to identify the malware used in this case. Gal said that from 2018 to 2019, widely used malware included Azorult and, more recently, the info stealer Raccoon. Once infected, a computer regularly sends the accumulated data to a command and control server managed by the attacker.

In total, the malware collected accounts from nearly a million sites, including Facebook, Twitter, Amazon and Gmail. Of the 2 billion cookies extracted, 22 percent were still valid at the time of the discovery. The files can be useful for piecing together victims’ habits and interests, and if the cookies are used for authentication, they provide access to the person’s online accounts. NordLocker offers other images here.

People who want to determine whether the malware has taken their data can check the Have I Been Pwned breach notification service, which has uploaded a list of affected accounts.

This story first appeared on Ars Technica.

