The hackers are selling digital fingerprints, cookies, up-to-date logins, screenshots, and webcam snaps. New Zealand has been similarly affected, with over 6,000 Kiwis having their data stolen and sold.
The NordVPN research looked into three major bot markets. For clarity, “bot” here refers to data-harvesting malware and a bot market is an online marketplace hackers use to sell data they stole from victims' devices with bot malware. The data is sold in packets containing the full digital identity of a compromised person.
“What makes bot markets different from other dark web markets is that they are able to get large amounts of data about one person in one place. And after the bot is sold, they guarantee the buyer that the victim’s information will be updated as long as their device is infected by the bot,” says NordVPN CTO Marijus Briedis. “A simple password is no longer worth money to criminals when they can buy logins, cookies, and digital fingerprints in one click for just nine Australian dollars.”
|
|
The three major bot markets researchers analysed were the Genesis Market, the Russian Market, and 2Easy. Each market is active and accessible on the surface web at the time of analysis. The data on bot markets was compiled with independent third-party researchers specialising in cybersecurity incident research.
The most popular types of malware that steal data are RedLine, Vidar, Racoon, Taurus, and AZORult.
The data stolen includes screenshots, logins saved to the browser, digital fingerprints that make the user unique and aid in authentication, and autofill forms including names and emails and payment details.
These bot markets aren't only for sophisticated buyers; the data makes it easy for hackers to export data and even rookie cybercriminals can connect to somebody's Facebook account if there are cookies and digital fingerprints in place, allowing them to bypass multi-factor authentication.
A bad actor could then contact trusting friends to ask for money or send malicious links or post fake information on social media.
“Some tactics are even simpler. A hacker can, for example, take control of a victim’s Steam account by changing the password. Steam accounts are sold for up to $6,000 per account and can be easy money for a criminal,” Briedis says.
More sophisticated criminals buy this information and target businesses with phishing attacks, trying to impersonate the company’s employees.
“To protect yourself, use an antivirus at all times. Other measures that could help – a password manager and file encryptions tools to make sure that even if a criminal infects your device, there is very little for them to steal,” Briedis says.
Here is a NordVPN video on how the bad guys go about their tricks:
