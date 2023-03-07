Password stolen? You’re not the only one; more than once we have talked about this topic, showing you simple methods to better protect yourself from hackers and the like who can put your privacy is at risk. Today, however, the study conducted by NordVPN brings to light that since 2018 the stolen data are over 26.6 million and all thanks – or unfortunately – to the malware bots that go around the net. These were able to steal 720 thousand access credentials to Google, 654 thousand to Microsoft and 647 thousand to Facebook. Important data, as hacked credentials often go on sale.

Usually the price for these digital informationobviously on the bot market, it is around 6 dollars and the turnover is exponential. Not only usernames and passwords are stolen, but also cookies and device configuration information. Cyber ​​security experts claim that the rise of this malware will help hackers to bypass multi-factor authentication (MFA).

“When a criminal hacks a password, they can’t complete identity authentication if the user has multi-factor authentication enabled. However, if an attacker steals cookies and configuration information from the victim’s device, he can fool security systems and bypass multi-factor authentication. Because bot malware gives criminals the entire digital identity of the victim, it presents a new set of risks” he has declared Adrianus Warmenhover, cyber security consultant at NordVPN.

Stolen passwords and data: the bots used for a perfect crime

Cookies are so essential that even a novice hacker can log into your account Facebook of the victim. And that is very dangerous, as the hacker usually manages to achieve the contact list and send them malicious or highly dangerous money transfer links. Another method that is used by the criminal in question is to post false information on the victim’s social feed.

“Some strategies are even simpler. For example, a hacker can take control of a victim’s Steam account by changing their password. Steam accounts sell for upwards of $6,000 per account and can be easy money for a criminal.” adds Adrianus Warmenhoven.

Usually, it is they who are targeted businesses with phishing attacks, trying to impersonate the company’s employees. Obviously it is advisable to equip yourself with antivirus and a program capable of managing passwords with an advanced encryption system.

Where does the stolen data go?

According to the study carried out by NordVPN, thanks to the researchers, a lot of data is then sold to bot markets. Currently, after careful analysis, three main bot markets have been set up: Genesis Market, Russian Market and 2Easy. All markets are active and accessible on the surface web, obviously at the time of the study. The bot market data was collected in collaboration with independent third-party researchers who specialize in cybersecurity incident research.

But which malware will you need to watch out for? We can well say that all malware is dangerous, but there are five that cleverly manage to steal your data without too many problems, obviously always taking into consideration the fact that you do not have adequate protections while surfing the internet. The names are as follows: RedLine, Vidar, Racoon, Taurus and AZORult.

“To protect yourself, always use an antivirus. Other helpful measures include using a password manager and file encryption tools to ensure that even if a criminal does attack, they have very little to steal.” he concluded Adrianus Warmenhoven.