
Mystery malware steals 26M passwords from 3M PCs. Are you affected?

BIG HAUL — Massive trove can be used for ransomware, espionage, and more.

Dan Goodin – Jun 9, 2021 8:50 pm UTC



Researchers have found yet another massive trove of sensitive information, a dizzying 1.2TB database containing login credentials, browser cookies, autofill information, and payment data extracted by malware which has yet to be identified.

In all, researchers from NordLocker stated on Wednesday, the database comprised 26 million login credentials, 1.1 million unique email addresses, over two billion browser cookies, and 6.6 million records. In some cases, victims stored passwords in text documents made with the Notepad program.

The stash also included over 1 million images and more than 650,000 Word and .pdf files. In addition, the malware took a screenshot after it infected the computer and took a picture using the device’s webcam. Stolen data came from programs for messaging, email, gaming, and file-sharing. The information was extracted between 2018 and 2020 from more than 3 million PCs.

A booming marketplace

The discovery comes amid an outbreak of security breaches involving ransomware and other types of malware hitting huge businesses. In some cases, such as the May ransomware attack on Colonial Pipeline, hackers first gained access using compromised accounts. Many such credentials are offered for sale on the internet.

Alon Gal, co-founder and CTO of security firm Hudson Rock, said that such information is often first gathered by stealer malware installed by an attacker trying to steal cryptocurrency or commit a similar type of crime.

The attacker “will likely then try to steal cryptocurrencies, and once he is done with the information, he will sell to groups whose expertise is ransomware, data breaches, and corporate espionage,” Gal told me. “These stealers are capturing browser passwords, cookies, files, and much more and sending it to the [command and control server] of the attacker.”

NordLocker investigators said there is no shortage of sources for attackers to obtain such information.

“The truth is, anyone can get their hands on custom malware,” the researchers wrote. “It’s economical, customizable, and can be found all over the web. Dark web ads for all these viruses uncover more truth about this marketplace. For example, anyone can get their own custom malware and even lessons on how to use the
