At least five million people have had their online identities stolen and sold on bot markets for 8 CAD on average. Out of all the affected people, 16 thousand people are from Canada.
This data comes from research by the cybersecurity company NordVPN, which looked into three major bot markets.
The word “bot” in this situation refers to data-harvesting malware. Bot markets are online marketplaces hackers use to sell data they have stolen l from their victims’ devices with bot malware.
The data is sold in packets, which include logins, cookies, digital fingerprints, and other information — the entire digital identity of a compromised person.
“What makes bot markets different from other dark web markets is that they are able to get large amounts of data about one person in one place. And after the bot is sold, they guarantee the buyer that the victim’s information will be updated as long as their device is infected by the bot,” says Marijus Briedis, CTO at NordVPN.
A virus might take a snapshot of the user’s screen during a malicious attack. It can even take a picture with the user’s webcam.
When a virus attacks the user’s device, it may grab logins saved to their browser. The research found 26.6 million stolen logins on the analyzed markets. Among them were 720 thousand Google logins, 654 thousand Microsoft logins, and 647 thousand Facebook logins.
Cookies were also usually stolen from a user’s browser and helped criminals bypass two-factor authentication. The research found 667 million stolen cookies on the analyzed markets.
During the research, 81 thousand stolen digital fingerprints and 538 thousand autofill forms were found on the analyzed market.
“To protect yourself, use an antivirus at all times. Other measures that could help – a password manager and file encryptions tools to make sure that even if a criminal infects your device, there is very little for them to steal,” adds Marijus Briedis.
By Shazia Nazir, Local Journalism Initiative Reporter, The Milton Reporter
Original Published on Jan 03, 2023