26.6 million login credentials obtained by cybercriminals since 2018

global map with code over it and the word hacked in red letters

Image via Pixabay

Since 2018, five million people across the globe had their data stolen. A NordVPN study found that cybercriminals were able to obtain extremely sensitive user data including 26.6 million usernames and passwords. Among them were 720 thousand Google logins, 654 thousand Microsoft logins and 647 thousand Facebook logins.

The average price for a person’s digital information on the bot markets is $6. Moreover, because the malware steals logins together with cookies and device configuration information, cybersecurity experts say that the rise of this malware will help hackers to bypass multi-factor authentication (MFA).

After logging in to a user's account, a cybercriminal can try contacting people on a victim’s friends list and send malicious links or ask for a money transfer. They can also post fake information on the victim’s social media feed.

Researchers analyzed three major bot markets: the Genesis Market, the Russian Market and 2Easy. All of the markets were active and accessible on the surface web at the time of analysis. The data on bot markets was compiled in partnership with independent third-party researchers specializing in cybersecurity incident research.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.