Victor Ezeja
AdminThe threat of personal and professional data being stolen by nefarious actors in the cyberspace is greater now than ever with Nigerians’ increasing predilection for remote work and the popularity of cloud storage solutions in the country.
Also creating new vista for infostealer attacks is the Black Friday sales that attract massive online shoppers at this time of the year. These revelations were made by the cyber security company, Trend Micro Incorporated in a report titled, “Your stolen data for sale”.
The study which details the risks associated with data theft and its subsequent misuse, reveals that the risk of data theft is greater than ever, with the value of stolen data continuing to increase on the black market and infected computers often located in developing countries.
During the first half of 2023, around 2.4 million malware families were blocked in Nigeria by Trend Micro which identified browser data as the number one target for data stealers. Once a victim is infected, their data get extracted from the machine and put up for sale.
Infostealer malware is currently responsible for most of the stolen data being sold on the criminal underground. It’s a type of malicious software that cybercriminals use to extract sensitive information from a victim’s computer or mobile device.
Technical Lead, African Cluster at Trend, Emmanuel Tzingakis disclosed that “It’s essential for individuals and businesses alike to understand the market for stolen data. This will allow them to take the necessary precautions to safeguard themselves against data breaches and to implement strong security measures to protect their sensitive information.”
To help online users better understand the types of data that are most at risk, Trend Micro compared the 16 most active infostealers in recent years in terms of stealing capabilities and types of data each one targets. This yielded the following findings:
What is stolen data being used for?
Infostealers are specifically designed to steal data, such as credentials, credit card and financial information, and other critical information, that can later be used for other fraudulent activities.
This data, which can be stolen from the browser’s saved passwords or from browser cookies, could even allow the criminal to bypass multiple factor authentication (MFA).
However, this value is time-sensitive; it’s only good based on how long a session remains open with each affected account. The most common ways for hackers to monetise stolen credentials include: Draining cryptocurrency wallets. Making transactions on behalf of the user on e-commerce sites and banking sites.
Attacking the victims’ contacts. For example, performing the “stranded traveller” scam, which involves impersonating victims to contact their friends and ask them for money. Entering users’ organisations through their VPN credentials and performing lateral movement to gain a foothold in the organisation.
Which data is most valuable?
The value of individual stolen data varies depending on its type, quality, and availability. For example, credentials for a bank account with a high balance will be much more valuable than those for a social media account.
It’s perhaps not surprising then that browser data is by far the preferred target for data stealers, with its treasure trove of sensitive information, including authentication cookies, stored credit cards, credentials, passwords, and navigation history.
Together with cryptocurrency wallets, website credentials are also the type of data which is most easily monetised. Mail credentials, on the other hand, are as actionable as web credentials, but they are harder to find on underground marketplaces.
Other categories, like Wi-Fi credentials and desktop screenshots, are also not so easy to sell or abuse, and are therefore categorised as less risky.
Finally, the more data is available about an individual, the more valuable and susceptible to misuse and fraudulent activities it becomes.
“Personal data is and will continue to be a prime target for criminals because it’s easy to obtain and make money from. Therefore, data shops will remain a staple in criminal communities, showing no signs of dwindling anytime soon,” says Tzingakis.
“With the festive season fast approaching, online users will be at even greater risk from infostealers and should take particular care where specific types of data, such as their credit card details, are concerned,” he added.
Follow Us