26.6 million login credentials obtained by cybercriminals since 2018

global map with code over it and the word hacked in red letters

Image via Pixabay

Since 2018, five million people across the globe had their data stolen. A NordVPN study found that cybercriminals were able to obtain extremely sensitive user data including 26.6 million usernames and passwords. Among them were 720 thousand Google logins, 654 thousand Microsoft logins and 647 thousand Facebook logins.

The average price for a person’s digital information on the bot markets is $6. Moreover, because the malware steals logins together with cookies and device configuration information, cybersecurity experts say that the rise of this malware will help hackers to bypass multi-factor authentication (MFA).

After logging in to a user's account, a cybercriminal can try contacting people on a victim’s friends list and send malicious links or ask for a money transfer. They can also post fake information on the victim’s social media feed.

Researchers analyzed three major bot markets: the Genesis Market, the Russian Market and 2Easy. All of the markets were active and accessible on the surface web at the time of analysis. The data on bot markets was compiled in partnership with independent third-party researchers specializing in cybersecurity incident research.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.