In an increasingly vulnerable digital context, warning about information theft have proliferated, affecting both macOS users and those who use email platforms like Gmail and Outlook. Concern for password safety has reached alarming levels, especially after Kela’s recent report, an intelligence agency of threats centered on the dark web, which reveals the true scope of this threat. With more than 4.3 million infected machines so far from 2024, the panorama is overwhelming and it becomes urgent to take action.
He Latest Kela cybercrime reportpublished on February 20, and that Forbes collects, it emphasizes that information thieves are behind the Subtraction of 3.9 billion passwords. This alarming number reveals that passwords are shared in lists that seem to come from information theft records. Three main strains of malware, Lumma, Stealc and Redline, have been responsible for 75% of infections. David Carmiel, CEO of Kela, emphasizes the existence of clandestine economies that facilitate malware as a service, creating an environment conducive to various criminal activities.
Malicious activity related to Information theft malware It is not limited to password subtraction; It also includes ransomware attacks and espionage campaigns. The efficiency and scalability of these information thieves allow the attackers to compromise large volumes of accounts, both personal and corporate. This dynamic becomes a vicious cycle where stolen credentials are sold in clandestine markets to facilitate future attacks, thus exacerbating the problem.
Almost the 40% of infected machines contained credentials for sensitive corporate systemsincluding emails and content management platforms. The report reveals that, surprisingly, 65% of compromise computers were personal, indicating that many users are not taking the necessary precautions to protect their data. This highlights the importance of implementing robust security measures, especially in corporate environments.
To combat this growing threat, Kela recommends the iMultifactor authentication mperation in all accounts and isolation of critical systems to limit the lateral movement of the attackers. In addition, the use of advanced email filter solutions is advised to prevent phishing attempts. The urgency of these measures cannot be underestimated, since analysts foresee an increase in information theft in 2025.
AI and password vulnerability
The Artificial Intelligence (AI) It has also emerged as a disturbing factor in password safety. Ignas Valancius, Chief of Engineering of the NordPass password administrator, warns Forbes that AI can decipher passwords, Even the most complex, in record time. As IA tools become more sophisticated, the risk of gross and dictionary force attacks increases, which means that password safety will be compromised if appropriate measures are not taken.
Valancius suggests that good password hygiene practice includes Create long and random passwordsavoid the use of personal information and not reuse passwords in different accounts. It recommends the creation of password phrases as an easier alternative to remember, as well as considering the use of access keys, which combine biometric verification with cryptographic keys for greater security.
Increase in ransomware activity
Kela’s report also reveals an increase in ransomware activity in 2024. The cybercrime company tracked more than 5,230 victims and about 100 threat actors last yearan annual increase of 10.5% and 28.5% respectively.
It is imperative that users and organizations remain alert and proactive in the protection of your data. The combination of information theft and the growing AI capacity to decipher passwords creates a worrying scenario. The education and implementation of effective security measures are crucial steps to mitigate these risks and safeguard personal and corporate information.
#steal #billion #passwords #malware #responsible #subtraction #information #Gmail #Outlook #report
