Number of devices hit by data-stealing malware rises over 600% in three years: Kaspersky

PTI Updated - April 13, 2024 at 09:47 AM.

The data, which drew insights from info-stealer malware log files traded on underground markets, showed the actual number of infections is likely to be even higher than 10 million

The number of devices compromised with data-stealing malware has increased more than 600 per cent in the past three years, according to cybersecurity firm Kaspersky.

Kaspersky's Digital Footprint Intelligence data showed the number of personal and corporate devices compromised with data-stealing malware reached 10 million in 2023, registering a 643 per cent increase over the past three years.

"According to Kaspersky's assessment, the number of infections that occurred in 2023 is projected to reach roughly 16,000,000," it said, noting an increase in the threat posed by data-stealers for both consumers and businesses.

Cyber criminals steal an average of 50.9 log-in credentials per infected device, it said, adding that these credentials may encompass log-ins for social media, online banking services, crypto wallets and various online services including email.

The data, which drew insights from infostealer malware log files traded on underground markets, showed the actual number of infections is likely to be even higher than 10 million.

"The dark-web value of log files with login credentials varies depending on the data's appeal and the way it's sold there. Credentials may be sold through a subscription service with regular uploads, a so called 'aggregator' for specific requests, or via a 'shop' selling recently acquired login credentials exclusively to selected buyers.

Prices typically begin at $10 per log file in these shops," said Sergey Shcherbel, a cybersecurity expert at Kaspersky Digital Footprint Intelligence.

According to Kaspersky’s data, 4,43,000 websites worldwide have experienced compromised credentials in the past five years.

The .com (dot com) domain led the list of compromised accounts, followed by Brazil (.br), India (.in), Colombia (.co) and Vietnam (.vn).

"In the .in domain, associated with India, compromised accounts reached over eight million in 2023," it said.

Published on April 13, 2024 04:17

This is a Premium article available exclusively to our subscribers.

Subscribe now to and get well-researched and unbiased insights on the Stock market, Economy, Commodities and more...

You have reached your free article limit.

Subscribe now to and get well-researched and unbiased insights on the Stock market, Economy, Commodities and more...

You have reached your free article limit.
Subscribe now to and get well-researched and unbiased insights on the Stock market, Economy, Commodities and more...

TheHindu Businessline operates by its editorial values to provide you quality journalism.

This is your last free article.