Infostealer to Ransomware Attack
Increasing Credential Exposure Due to Malware Infections
Credentials remain a prominent concern in the realm of cybersecurity incidents, and the Verizon 2022 Data Breach Investigations Report identifies them as one of the "four key paths to your real estate," accounting for 45% of non-error, non-misuse breaches. Though this issue has been recognized for some time, there is a troubling shift in the trend of exposed credentials.
Threat actors are deviating from traditional account takeover methods, such as using credential pairs from combo lists for credential stuffing attacks. Instead, they increasingly gain access through alternative means, such as authentication data stolen directly from user devices and browsers that are infected with infostealers, malware specifically designed to surreptitiously harvest data.
While massive data breaches and leaks on the dark web that expose millions of passwords rightly grab attention, many individuals are unaware that malware-infected devices are just as likely to be the source of exposed passwords.
You might have heard about robot networks or "botnets" before. In the past, they were used to cause trouble by attacking websites and making them crash. But nowadays, the bad guys are using botnets in a different way. They spread something called "infostealers" on a larger scale.
Infostealers are like sneaky thieves for computers. They infect machines and steal important things like passwords and other information that can be used to pretend to be someone else online. It's all about money for these bad guys because stealing information can be very profitable. The stolen data they get from infostealers is worth a lot more than old data that has been on the dark web for a long time.
In 2022, around 721.5 million stolen credentials were recovered from the bad guys' secret places, and nearly half of those came from botnet logs.
The scary part is that info stealers are cheap and easy for the bad guys to use. They can sneak past security programs without leaving any trace, which makes it hard to know if there's a problem.
What makes info stealers even more dangerous is that they are very effective. The stolen credentials are fresh and valid, so they work perfectly for the bad guys. Plus, they can use stolen browser information to trick websites into thinking they're real users, even if the users have extra security measures. The growing popularity of malware-as-a-service models means that data siphoned in this manner will continue to grow in abundance.
Last year, there were more than 4 billion attempts to spread this sneaky malware, making it easier for the bad guys to get into companies and organizations. So, everyone needs to be careful online and protect their devices!
Even though businesses have been trying hard to educate users about the importance of strong passwords and cybersecurity, it seems that the message hasn't fully gotten through. The data from recent breaches shows that people still use weak passwords and often reuse them, making it easier for cyber attackers to cause harm. This is especially concerning when malware infects devices, as it puts both consumers and organizations at higher risk of identity exposure.
The situation becomes even more alarming when malware steals an employee's session cookies. This gives cybercriminals a way to log into corporate systems without needing passwords, and even to bypass additional security measures like Multi-Factor Authentication (MFA).
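One way a defender can look for the stolen-cookie scenario described above is to compare each request on a session with the device and network that originally passed MFA. This is an added example, not part of the original article; the log format, field names and sample events are constructed assumptions.

```python
import json

# Constructed sample events, one JSON object per line, in a hypothetical
# SSO gateway log format (field names are assumptions, not a real product's).
SAMPLE_LOG = """
{"ts": 1000, "user": "alice", "session": "s-01", "event": "login_mfa", "ip": "198.51.100.7", "ua": "Firefox/115 (Windows)"}
{"ts": 1060, "user": "alice", "session": "s-01", "event": "request", "ip": "198.51.100.7", "ua": "Firefox/115 (Windows)"}
{"ts": 1100, "user": "bob", "session": "s-02", "event": "login_mfa", "ip": "203.0.113.20", "ua": "Chrome/114 (macOS)"}
{"ts": 1200, "user": "alice", "session": "s-01", "event": "request", "ip": "192.0.2.99", "ua": "Chrome/113 (Linux)"}
{"ts": 1210, "user": "alice", "session": "s-01", "event": "request", "ip": "192.0.2.99", "ua": "Chrome/113 (Linux)"}
{"ts": 1300, "user": "bob", "session": "s-02", "event": "request", "ip": "203.0.113.45", "ua": "Chrome/114 (macOS)"}
{"ts": 1400, "user": "carol", "session": "s-03", "event": "request", "ip": "192.0.2.50", "ua": "Edge/114 (Windows)"}
"""

def find_session_anomalies(log_text):
    """Return alerts for sessions used outside the context that passed MFA."""
    trusted = {}   # session id -> (ip, ua) recorded at the MFA-verified login
    seen = set()   # (session id, (ip, ua)) already alerted on, to suppress repeats
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        sid, ctx = ev["session"], (ev["ip"], ev["ua"])
        if ev["event"] == "login_mfa":
            trusted[sid] = ctx
            continue
        if sid not in trusted:
            reason = "no_login_seen"        # cookie in use, but no login on record
        elif ctx == trusted[sid]:
            continue                        # same device and network as the login
        elif ctx[1] != trusted[sid][1]:
            reason = "user_agent_changed"   # different browser: strong replay signal
        else:
            reason = "ip_changed"           # same browser, new network: weaker signal
        if (sid, ctx) not in seen:
            seen.add((sid, ctx))
            alerts.append({"ts": ev["ts"], "user": ev["user"], "session": sid,
                           "reason": reason, "ip": ev["ip"]})
    return alerts

if __name__ == "__main__":
    for alert in find_session_anomalies(SAMPLE_LOG):
        print(alert)
```

An IP-only change is common for roaming or mobile users, so it is best treated as a lower-priority signal than a browser change on the same session.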
Despite efforts to raise awareness and improve security practices, the persistent issue of weak passwords and malware-infected devices remains a major concern for businesses.
The risks of identity exposure and potential follow-on attacks, such as ransomware, are threats that should be taken seriously at all levels of an organization. To protect themselves and their customers, businesses must continue investing in cybersecurity measures, user education, and robust security protocols. Staying vigilant and proactive in combating cyber threats is essential in today's digital landscape.