1.2TB of Private Data Stolen From Facebook, Netflix, Amazon and More up For Sale for $100
A custom Trojan-type malware has infiltrated millions of computers and stole a large number of accumulated personal and private information in a span of years, according to a research by an online security firm.
This is during the several cyberattacks that made noise throughout the month, including the "rockyou2021.txt" data breach where a 100GB .txt file with 8.4 billion entries, all consist of passwords from several accounts, were leaked in a hacker forum site.
The said leak was inspired by the RockYou data breach of 2009, where more than 32 million user passwords that was stored in RockYou's database in plain text were stolen by online attackers.
Hackers are not after governments. They’re after everyone.— NordLocker (@NordLocker) June 9, 2021
Here’s how one piece of malware infected 3 million computers and stole their files, passwords, and cookies.
Check it out: https://t.co/4geKHDN1vI pic.twitter.com/AZ05c3ctDO
A Two-Year Data Breach
In a report by NordLocker, the said custom Trojan-type malware stole a total of more than 1.2 terabytes of data, including nearly 26 million log-in credentials that hold 1.1 million unique email addresses, more than 2 billion cookies, and 6.6 million files, from more than 3 million computers in a span of two years from 2018 to 2020.
According to PCMag.com, the said stolen data included files from the victims' Desktop and Downloads folders, as well as browsers, such as Google Chrome, that has over 19 million credentials stolen, and Mozilla Firefox, with over 3 million credentials stolen.
50 percent of these files, according to Hothardware.com, were plain .txt files, while other files collected by the said malware consist of over 1 million images, the most half of which are .png files, and over 650,000 Word and PDF files.
NordLocker's analysis also revealed that the malware itself also made a screenshot of what data it snatched while infecting a victim's computer. It also took pictures straight from its webcam.
According to the said report, 1.4 million credentials were stolen from social media sites are from Facebook, 197 thousand from online games came are from Roblox, 209 thousand from online merchants are from Amazon, and 170,067 from streaming services are from Netflix.
PCMag.com said that the malware involved was a disguised software compilation that includes an illegal copy of Adobe Photoshop 2018, a crack tool for Windows, and games that were cracked. The analysis also said that the malware was transmitted not just through illegal software but also through email.
This Trojan malware are available online for as little as $100, and they are low profile, which makes them unprotected and their creators unpunished. According to NordLocker, creators of malware often teach its buyers how to use it as well as to generate profit while stealing data.
How to Protect your Data from Malware
With cyberattacks such as the Trojan malware infestation, people are going cautious every time they log themselves in the internet. With that said, several security methods were made in order to protect them against these kinds of attacks.
NordLocker suggested that users need to install an antivirus software, as it was still one of the most reliable tools that will protect their system. It is also imperative that these software needs to be up-to-date.
There are good anti-virus software that are in the market and usually used by many. Example of which are Avast, Karpersky, AVG, and Avira. NordLocker also said that users need to practice proper "cyber hygiene," or common habits that users in the internet must observe.
This includes, according to CBSNews, practicing using multifactor authentication in their accounts, backing up their data offline by using external hard drives, using internal firewalls within their network, understanding the risks and vulnerabilities of remote access to networks, and avoiding phishing emails.
Users should also update their accounts' passwords into stronger ones, as well as download the software they needed from trusted sources, block any third-party cookies, and always encrypt the date that they are keeping or sending.