Islamabad: While the malware development market continues to evolve with new stealers like Lumma, Redline has remained the data-stealing malware most used by cybercriminals over the past three years. According to a new study by Kaspersky Digital Footprint Intelligence, in 2023, 55% of devices targeted by password-stealing attacks were infected with the Redline malware.
Redline was used in 51% of infostealer infections from 2020 to 2023, according to data from log files traded or freely distributed on the dark web. In total, using metadata from log files dated between 2020 and 2023, Kaspersky Digital Footprint Intelligence identified almost 100 different types of infostealer.
Infostealers infiltrate devices to illegally obtain confidential credentials, such as logins and passwords, which then end up on the shadow market, posing a cybersecurity threat to personal and corporate systems.
The underground market for developing data-stealing malware is growing, as evidenced by the rising popularity of recent stealers. Between 2021 and 2023, the share of infections caused by new stealers increased from 4% to 28%. In particular, the new Lumma stealer was responsible for more than 6% of all infections in 2023.
Lumma appeared in 2022 and gained popularity in 2023 through the Malware-as-a-Service (MaaS) distribution model. This means that any criminal, even one without advanced technical skills, can subscribe to a pre-packaged malware solution and use it to launch cyberattacks. “Lumma is primarily designed to steal credentials and other information from cryptocurrency wallets, distributed through email, YouTube and Discord spam campaigns,” says Hafeez Rahman, technical team manager at Kaspersky.
Companies can help protect users, employees, and partners from threats by proactively monitoring for leaks and encouraging users to change leaked passwords immediately.
More information about the infostealer threat is available on the Kaspersky Digital Footprint Intelligence website.