Yesterday Group-IB published a report on professional stealers in which researchers identified 34 Russian-speaking groups that develop and distribute information stealer malware on the dark web as stealer-as-a-service. The team also discovered that attackers primarily used the Raccoon and Redline stealers to obtain the credentials of many gaming accounts, including Steam, Roblox, Amazon and PayPal.
An information stealer, as the name suggests, collects information from the infected system and sends the data back to the attacker. It is mainly used to gather credentials for online banking, FTP accounts, email logins and social media. This type of malware includes capabilities such as browser hooking, web injection, form grabbing, keylogging and collecting saved passwords.
According to the analysis of Telegram groups, for the last 10 months of 2021 cybercriminals collected 27,875,879 sets of passwords, 1,215,532,572 cookie files, 56,779 sets of payment records, and data from 35,791 crypto wallets. In the first 7 months of 2022, threat actors stole 50,352,518 passwords, 2,117,626,523 cookie files, details of 103,150 bank cards, and data from 113,204 crypto wallets. The underground market value of just the stolen logs and compromised card details is around $5.8 million, Group-IB experts estimate.
To prevent such attacks, users must:
- Download software from its original source.
- Install good anti-malware/anti-virus protection.
- Run a full system scan with good protection software if they find something suspicious, and change all passwords.