Experts sound alarm on infostealer malware after login details exposed

Experts, cyber criminals intensified their efforts to steal and sell online passwords. The alarm comes after the discovery of online data sets containing billions of open account identity information.

30 data clusters consisted of 16 billion entry identity information on multiple platforms, including Apple, Google and Facebook. reported Last week by CyberNews researchers.

During this year, exposures have been defined by Cyber ​​Security Consultancy Security Discovery Founding Partner Volodymyr Diachenko and suspected that multiple sides have work.

“This is a collection of various data sets that have appeared on my radar since the beginning of the year, but they all share a common structure of URLs, entry details and passwords,” Diachenko said, ” He said.

According to Daichenko, all signs indicate that the leaked input information is the work of “infostalers” – malicious software that removes sensitive data from devices, including user names and passwords, credit card information and online browser data.

Although the logic lists of the login lists are available in many copies, the overwhelming volume of the findings has a perspective on how sensitive data on the Web.

Daichenko said InfoStealers should give alarms about how they became today’s “cyber plague”. “Somewhere, somewhere, extinguishing data from their machines while talking.”

Daichenko was able to detect the data exposed, because their owners temporarily added them to the website without a password lock. The incorrectly shared data leaks are usually caught by the discovery of security, but this year is not on the scales ever seen.

As a result, there was an increase in high -profile infostealer attacks. For example, in March, Microsoft threat intelligence malicious campaign Globally uses infosterrs that affect approximately 1 million devices.

Infostealers reaches the devices of the victims by deceiving downloading malware that can be hidden in everything from identity hunting E -mail to fake websites, search engine advertisements.

The motive behind the infostealer attacks is usually financial, the attackers usually want to take over direct bank accounts, credit cards and crypto currency wallets or to make identity fraud.

Cyber ​​criminals can use stolen identity information and other personal data such as extremely convincing, personalized identity attacks and blackmailing people or organizations.

According to Palo ALTO’s Green, the scale and dangers of such infostalists have concentrated thanks to the increasing prevalence of sellers, which offers “cyber crime” as a service as a service to customers for malicious vehicles, precise data and other illegal online services.

“Cyber ​​crime as a service is a critical facilitator here. There’s basically democratized cyber crime, Gr said Green.

Underground markets, usually hosted on the Dark Web, create a request for cyber criminals to steal personal information and then sell to fraudsters.

In this way, data violations become more than individual accounts – they represent the “broad, interconnected network of identities” that can increase subsequent attacks.

According to Diachenko, at least a portion of the input data clusters that are detected is likely to be taken to or taken to online scammers.

Furthermore, malware kits and other resources can be found in these markets that can help facilitate infostealer attacks.

CNBC reported how the availability of these tools and services significantly reduces technical barriers for criminals and allowed sophisticated attacks to be carried out on a large, global scale.

The report found that infostealer attacks increased by 58% in 2024.

Ismael Valenzuela, Vice President of Threat Research and Intelligence at Cyber ​​Security Company Arctic Wolf, is just to assume that most people will contact an infostealer threat at some point, along with the prevalence of increasing malware and online use.

Valenzuela, in addition to the password updates often, individuals will have to warn more about the amount of malware stored in illegitimate software, applications and other downloadable files. Use Multi -factor authentication in accounts has become more important than ever.

In May, Europol said that he cooperated with the European Cyber ​​Crime Center, Microsoft and global authorities. be broken “Lumma”, called “the most important infosteal threat in the world”.