Report says over 10 million devices were infected by data-stealing malware in 2023
The internet is becoming more and more like the wild, wild, west according to a report from cybersecurity firm Kaspersky (via The EconomicTimes) which says that the number of devices infected by malware designed to steal personal data increased by more than 600% over the last three years. Over 10 million personal and company devices were infected with malware in 2023, a 643% hike during the last three years. And the attackers are able to steal an average of 50.9 log-in credentials from each infected device. Such credentials include log-ins for online banking apps, crypto wallets, social media accounts, and email.
The report added that 443,000 websites worldwide had compromised credentials over the last five years. Of those compromised sites, the .com domain had the largest number of compromised accounts at 326 million. That was followed by the 29 million compromised accounts connected with the Brazil (.br) domain, the 8 million accounts compromised with the India (.in) domain, and the 6 million and 5.5 million compromised accounts connected to Colombia (.co), and Vietnam (.vn) domains respectively.
The report states that each infected device gives attackers 50.9 log-in credentials for financial, social media email apps, and more
Kaspersky estimates that the number of data-stealing infections impacting both consumer and business users reached 16 million. Sergey Shcherbel, a cybersecurity expert at Kaspersky Digital Footprint Intelligence, said, "The dark-web value of log files with login credentials varies depending on the data's appeal and the way it's sold there. Credentials may be sold through a subscription service with regular uploads, a so-called 'aggregator' for specific requests, or via a 'shop' selling recently acquired login credentials exclusively to selected buyers. Prices typically begin at $10 per log file in these shops."
It is frightening to understand that the usernames and passwords that you use to log-in to your financial apps including banking, securities, and credit cards are being sold or traded on the dark web. Patrick Tiquet, vice president of security and architecture at Keeper Security, said that cyber-criminals are highly motivated with such huge rewards possible. They also have plenty of tools at their disposal. "These tools will continue to evolve, just as defensive tools do, with threat actors continuously refining their attacks to evade detection and utilizing new tools like AI to perform them at a larger scale," Tiquet said.
Things that are NOT allowed: