SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Data-stealing malware affects nearly 10m devices in 2023
Fri, 5th Apr 2024

Nearly 10 million devices fell prey to data-stealing malware in 2023, according to new research carried out by global cybersecurity company Kaspersky.

With an average of 51 login credentials stolen per impacted device, the issue is a growing concern for both personal and corporate device users. The study draws from insights gleaned from infostealer malware log files traded on underground markets.

The study found that the most compromised domain zone is .com, followed by domain zones associated with Brazil (.br), India (.in), Colombia (.co), and Vietnam (.vn).

Data-stealing malware infections monitored by Kaspersky Digital Footprint Intelligence have seen a 643% increase over the past three years. Approximately 10 million personal and corporate devices were infected last year, showcasing the substantial growth in this threat. The data regarding infected devices comes from the exploration of infostealer malware log files that are active on the underground markets.

The modest 9% decline in the number of log files in 2023 compared to 2022 does not imply that cybercriminal demand for login credentials has decreased, Kaspersky says. According to Kaspersky's latest analysis of infostealer dynamics, the actual number of infections for the year 2023 is likely to be much higher than 10 million, potentially reaching the 16 million mark. Threat actors then use these credentials for their own malicious activities, such as cyber attacks, or distribute them on dark web forums and shadow Telegram channels, freely or for a fee.

The stolen credentials could be linked to online banking services, social media, various corporate online services including email and internal systems, and crypto wallets. Kaspersky's study highlights that some 443,000 websites worldwide have had credentials compromised in the past five years.

Among the most compromised domain zones, .com leads with nearly 326 million compromised logins and passwords. Brazil's .br follows with 29 million, while the .in domain linked to India had 8 million, .co (Colombia) nearly 6 million, and Vietnam's .vn over 5.5 million. The value of the log files on the dark web can vary depending on the data and how it is sold.

Prices for log files usually start at $10 in these dark web shops. Sergey Shcherbel, cybersecurity expert at Kaspersky Digital Footprint Intelligence, points out the serious threat posed by these trades: "Leaked credentials carry a major threat, enabling cybercriminals to execute a multitude of attacks such as unauthorized access for theft, social engineering, or impersonation."

For protection against data-stealing malware, Kaspersky advises individuals to use a comprehensive security solution for their devices. This can both prevent infections and alert users to threats, such as dubious sites or phishing emails. Companies can assist their employees, users, and partners in protecting themselves through proactive leak monitoring and prompting password changes as necessary.