Islamabad: Nearly 10 million devices will fall victim to data-stealing malware in 2023. According to Kaspersky, 443,000 websites worldwide have experienced compromised credentials in the past 44 years. The .com domain led the accounts compromised by Infostealer in 2023, with nearly 326 million logins and passwords for websites on this domain. .pk domain accounts in Pakistan have reached 2.4 million.
Recent data theft reports show a 643% increase in the past three years. The actual number of infections is probably more than 10 million. According to Kaspersky’s estimates of infostealer log-file dynamics, the number of detected infections in 2023 is expected to reach around 16,000,000.
With cybercriminals stealing an average of 50.9 login credentials per infected device, the threat posed to consumers and businesses by data theft is growing. Because of this growing threat, Kaspersky has launched a dedicated website to understand the problem and provide strategies to mitigate the associated risks.
Threat actors use these credentials for their nefarious purposes, such as conducting cyber attacks or freely selling or distributing them on dark web forums and shady Telegram channels. These credentials may include logins for various company online services such as social media, online banking services, crypto wallets, and email and internal systems.
“The dark web value of log files and access credentials varies depending on the attractiveness of the data and how it is sold there. Credentials can be sold through subscription services with common downloads called “aggregators” for specific requests, or through “stores” that sell Credentials new logins are acquired only to selected buyers.
Prices usually start at $10 for a daily file in this store. This shows how important it is for individuals and companies, especially those dealing with large online user communities, to be alert. Leaked credentials are a major threat, allowing criminals cyber carry out various attacks such as theft, social engineering, or impersonation,” he said.
To protect against data-stealing malware, people are advised to use a comprehensive security solution for any device. Companies can help protect their users, employees, and partners from threats. They can proactively monitor leaks and prompt users to immediately change leaked passwords.
More information about the Infostealer threat is gathered on the Kaspersky Digital Footprint Intelligence website.
