A recent study revealed that over 15 billion credentials are in blood supply via the dark web, representing a 300% increase since 2018. Available information ranges from network access credentials, banking login data, and even streaming services accounts from Netflix.
According to research conducted by the cybersecurity firm Digital Shadows, part of the leaked data is even circulating free of charge.
The report warns that the reason that so many account credentials are available on the web is that individuals are using non-complex passwords that may be easily brute-forced using hacking tools.
Access to corporate networks as an open door for ransomware attacks
Among the most valuable leaked credentials include access to corporate networks. This data type can fetch prices as high as $120,000, and have a typical cost of $3,139, depending on factors like the company’s revenue.
The blood supply of such data signifies that ransomware gangs may use such access to infiltrate an entire network. This will allow them to deploy the malware of these choice, and ultimately hold these networks for ransom.
Bank login details from folks are being sold by having an average price of $70.91, while access for antivirus programs costs $21.67 on average.
Enabling two or multi-factor authentication to secure login credentials
Speaking with Cointelegraph, Brett Callow, threat analyst at malware lab Emsisoft, warned:
“An enormous number of users’ credentials are exposed on a daily basis in a myriad of ways, from phishing to malware attacks to data breaches. The consequences of exposure may be minor, such as in the case of leaking Netflix logins, or extremely serious – leaked banking credentials, for example.”
While there is no “silver bullet” to this problem, Callow says that people can limit the likelihood of their accounts being compromised by utilizing strong passwords, “never reusing passwords using an antivirus solution, keeping their operating system current with patches and, most importantly, using two- or multi-factor authentication on all services which support it.”
Research by cybersecurity firm, Cyble Research Team, revealed that on May 29, data for significantly more than 80,000 credit cards were put up available on the dark web. The data from these cards has been gathered from various countries around the world.
Cointelegraph also reported that the hacker gang known as “Keeper” established an interconnected network to steal credit card data from over 570 ecommerce sites. Since 2017, they will have profited around $7 million in crypto by attempting to sell card information through the dark web.