Hackers: This is the data they are looking for most

Hackers: This is the data they are looking for most

Share post

A new report on hackers shows what the thriving black market for stolen data is promoting as top offers: Cryptocurrencies are particularly popular with criminals, as well as data from web browsers such as credit card numbers and access data, which were mostly stolen via infostealers.

Trend Micro researchers compared the 16 most active infostealer malware variants (malware used to steal data) on two darknet marketplaces (Russian Market and 2easy.shop) and created a risk matrix. The study shows how vulnerable data stolen by hackers is once it falls into the hands of other cybercriminals. First and foremost are cryptocurrency wallets and data from web browsers such as website login details and stored credit card information. These are the easiest for fraudsters to use, which is why they are particularly easy to monetize and are therefore traded frequently.

Other categories of data, such as Wi-Fi network login credentials and screenshots, are not as easy to sell and misuse, which is why they are considered less risky. Specialized types of access data, such as those for FTP and VPN software, pose a medium risk.

Websites and countries particularly affected

Google.com accounts for the most stolen credentials for websites sold through 2easy.shop, followed by the Microsoft login site Live.com, Facebook and Instagram. The report also lists the countries most at risk of data theft, taking into account the number of active internet users per country. Portugal is at the top with 7.368 stolen logs per 1 million users, followed by Brazil (3.717) and Greece (3.284). Germany and Austria are ranked 16th and 13th on the list, respectively.

Due to the continued high volume of stolen data on underground cybercriminal marketplaces, infostealers pose an ever-increasing threat. The data can be sold to other criminals, used for identity fraud, or even used to log into corporate networks. The ongoing work-from-home trend has also created new opportunities for infostealer attacks, the report warns.

Recommendations for protection

Despite the large number of existing Infostealer variants, the Trend Micro report also shows that only a few have a large presence in the underground data marketplaces. In practice, this means that companies should focus their defense measures on the info stealers that are currently most popular. The extended tests by the AV-TEST laboratory also show how well protection software can hold its own against info stealers: The Trend Micro solution against info stealers was also tested there.

“Crypto assets are like cash, which is why users should store them in a digital safe. Cybercriminals can also cause a lot of damage with access data for Internet sites. A password manager or something similar is therefore definitely recommended,” advises David Sancho, Senior Threat Researcher at Trend Micro. “Ultimately, private users and businesses should know which data they need to pay the most attention to. With our study we want to support you in properly prioritizing your protective measures.”

More at TrendMicro.com


About Trend Micro

As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.


Matching articles on the topic

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

Digital Security: Consumers trust banks the most

A digital trust survey showed that banks, healthcare and government are the most trusted by consumers. The media- ➡ Read more

Darknet job exchange: Hackers are looking for renegade insiders

The Darknet is not only an exchange for illegal goods, but also a place where hackers look for new accomplices ➡ Read more

Solar energy systems – how safe are they?

A study examined the IT security of solar energy systems. Problems include a lack of encryption during data transfer, standard passwords and insecure firmware updates. trend ➡ Read more