A new report on hackers shows what the thriving black market for stolen data advertises as its top offers: cryptocurrencies are particularly popular with criminals, as is data from web browsers, such as credit card numbers and access data, most of which was stolen via infostealers.
Trend Micro researchers compared the 16 most active infostealer malware variants (malware used to steal data) on two darknet marketplaces (Russian Market and 2easy.shop) and created a risk matrix. The study shows how exposed to misuse stolen data is once it falls into the hands of other cybercriminals. At the top of the list are cryptocurrency wallets and data from web browsers, such as website login details and stored credit card information. These are the easiest for fraudsters to use, which makes them particularly easy to monetize, so they are traded frequently.
Other categories of data, such as Wi-Fi network login credentials and screenshots, are not as easy to sell and misuse, which is why they are considered less risky. Specialized types of access data, such as those for FTP and VPN software, pose a medium risk.
Websites and countries particularly affected
Google.com accounts for the largest share of stolen website credentials sold through 2easy.shop, followed by the Microsoft login site Live.com, Facebook and Instagram. The report also lists the countries most at risk of data theft, taking into account the number of active internet users per country. Portugal is at the top with 7,368 stolen logs per 1 million users, followed by Brazil (3,717) and Greece (3,284). Germany and Austria are ranked 16th and 13th on the list, respectively.
Due to the continued high volume of stolen data on underground cybercriminal marketplaces, infostealers pose an ever-increasing threat. The data can be sold to other criminals, used for identity fraud, or even used to log into corporate networks. The ongoing work-from-home trend has also created new opportunities for infostealer attacks, the report warns.
Recommendations for protection
Despite the large number of existing infostealer variants, the Trend Micro report also shows that only a few have a large presence in the underground data marketplaces. In practice, this means that companies should focus their defense measures on the infostealers that are currently most popular. The extended tests by the AV-TEST laboratory also show how well protection software can hold its own against infostealers; the Trend Micro solution against infostealers was also tested there.
“Crypto assets are like cash, which is why users should store them in a digital safe. Cybercriminals can also cause a lot of damage with access data for Internet sites. A password manager or something similar is therefore definitely recommended,” advises David Sancho, Senior Threat Researcher at Trend Micro. “Ultimately, private users and businesses should know which data they need to pay the most attention to. With our study we want to support you in properly prioritizing your protective measures.”