Once malicious software has been installed on the victim’s computer, it creates stealer logs or documents where it collects all the stolen data. Like a well-trained dog, the virus sniffs through the computer and detects valuable information about the victim and their hardware. All the stolen data creates a person’s digital identity.
The data about bot markets was compiled in partnership with independent third-party researchers specializing in cybersecurity incident research. No information that relates to an identified or identifiable individual was collected, reviewed, or otherwise involved when performing the research and preparing the study. Moreover, the researchers did not access the dark web. Data was received on September 29, 2022.
The most popular types of malware that steal and gather data include RedLine, Vidar, Raccoon, Taurus, and AZORult. RedLine is the most prevalent of them all. For example, in the Russian market, it accounts for more than 60% of the whole marketplace. According to TechRadar, RedLine has recently been used to hack the 2K Games helpdesk platform. The attackers opened fake support tickets and then shared RedLine malware in the reply section.
Malware divides the information extracted from each victim into separate folders. Then the owner of the virus places these packets of scraped data (bot logs) in the marketplace and puts a price on them. The price differs depending on the information that the stolen log includes. For instance, if the malware managed to grab the victim’s credit card credentials, such a bot log may have a higher price than one that includes less important credentials.
All researched markets manage transactions only in cryptocurrencies. In the Genesis market, users can filter their search to find the data they are looking for (for example, logins for a Netflix account). Next to each bot log, a customer can see what stolen data it includes, when the log was updated, and what the price is. After making the payment, a user receives the stolen data. The 2easy and Russian markets have more or less similar payment procedures and bot search filters.
The short answer to both questions is cybercriminals, in most cases. The spectrum of buyers is broad, from ransomware groups who organize cyberattacks to individuals who seek to compromise someone they know.
With the information grabbed by infostealers, hackers can do much harm. For example, after malware steals credit card information or online banking credentials, cybercriminals can use the victim’s account for their own benefit. They could also expose their victims’ private conversations, photos, and browsing history. Such information could be used in social engineering schemes. Alternatively, attackers might delete or lock all of the victim’s accounts (such as Netflix, Spotify, or Steam).
Your digital safety depends on a few things: your online habits and the tools you use for protection.
You should never click on suspicious links or download files from shady websites and torrent clients. They’re unsafe and illegal – in other words, a perfect nest for malicious software.
You should avoid saving passwords in your browser – a virus could instantly steal them. We recommend using a password manager such as NordPass. It will protect your credentials with an extra layer of encryption.
A threat protection tool blocks online trackers, scans files for malware, and stops potential malware attacks. Combined with a strong antivirus, this tool becomes a malware antidote you won’t regret having.
Save your files in an encrypted cloud like NordLocker. It’s an easy-to-use tool that ensures privacy and security for stored documents.