An alarming 120,000 computers have been infiltrated by stealer malware, and the credentials obtained from these infected devices are linked to cybercrime forums, a significant proportion of which are owned by malicious actors.
In the realm of technology, the digital landscape is a complex and ever-changing system, with cyber threats and malicious activities continuously advancing and adapting.
Hudson Rock’s researchers have made a groundbreaking discovery by delving into the hidden world of forums. Their findings reveal alarming insights into the underpinnings of cybercriminal operations.
The Scale of the Investigation
Leveraging their formidable cybercrime intelligence database, which encompasses a staggering 14.5 million computers infected by info-stealing malware, Hudson Rock’s researchers embarked on a journey to analyze the top 100 cybercrime forums.
The magnitude of their findings has cast a revealing light on the tactics employed by cybercriminals and the extent of their reach.
The Identification of Hackers
One of the most compelling discoveries is the revelation that the compromised credentials of a staggering 120,000 infected computers were linked to cybercrime forums.
These credentials, ranging from usernames and emails to personal information, offer a deep dive into the lives of hackers.
Researchers successfully uncovered the true identities of malicious actors by analyzing their additional credentials, auto-fill personal information, and system details.
- Additional credentials found on the computers (additional emails, usernames).
- Auto-fill data containing personal information (names, addresses, phone numbers).
- System information (computer names, IP addresses).
Hudson Rock Co-Founder and CTO Alon Gal told Cyber Security News that “Nulled.to” is the top offender, with over 57,000 breached users. “Cracked.io” and “Hackforums.net” follow in second and third place with 12,818 and 15,916, respectively.
By dissecting user passwords across these platforms, researchers identified that the forum with the strongest passwords was “Breached.to,” while the weakest passwords resided on the Russian site “Rf-cheats.ru.”
“Too weak” passwords are those shorter than 6 characters that use only 1 type of character. “Strong” passwords are those with at least 10 characters and 4 types of characters.
According to recent findings, the strength of passwords used on cybercrime forums surpasses that of those used on government websites. This phenomenon underscores the fact that hackers take great care to safeguard their illegally obtained profits.
Additionally, the prevalence of “very weak” passwords was significantly lower among these cybercriminals compared to industries like the military.
The research revealed that Redline was the most common info-stealer infection, with Raccoon and Azorult following closely behind.
These malware strains play a pivotal role in facilitating cybercrime activities and enabling hackers to amass sensitive information.
Global Insights into Cybercrime
Delving into the geographical dimension, the researchers highlighted the top five countries contributing to the cybercrime landscape.
- Tunisia (7.55% of total infections in the country)
- Malaysia (6% of total infections in the country)
- Belgium (5.14% of total infections in the country)
- Netherlands (4.8% of total infections in the country)
- Israel (4.43% of total infections in the country)
Since 2018, there has been a 6000% increase in info-stealer infections, making it a concerning cybercrime trend.
These infections serve as the primary entry point for threat actors seeking to infiltrate organizations and orchestrate various forms of cyberattacks, from ransomware to corporate espionage.
Hudson Rock’s groundbreaking research has laid bare the inner workings of cybercrime forums and the hackers who inhabit them.
With a potent blend of advanced analysis and in-depth insights, the research underscores the need for constant vigilance and robust cybersecurity measures in the face of an ever-evolving cyber threat landscape.
The digital battlefield continues to expand, and as we navigate this challenging terrain, staying informed and prepared is imperative to safeguarding our interconnected world.