Skip to content

Login details of over 5.87 million people found on sale online

  • by
  • 2 min read

Stolen data logs of over 5.87 million people across the globe were found on sale at online cybercriminals marketplaces, including Genesis, 2easy and the Russian market.

The stolen data logs include login credentials, browser cookies, digital fingerprints, autofill forms and screenshots, according to researchers at NordVPN. The attackers have seen collecting data using RedLine, Vidar, Racoon, Taurus and AzoRult malware. RedLine malware was used for collecting more than 60% of Russian market stolen databases.

About 2% of the logs contain digital fingerprints; each data log contains 54 stolen logins and two autofill forms.

The researchers found that the biggest of these three, Russian market, sells more than 3,870,000 logs from 225 countries.

Genesis, a marketplace for stolen data created in 2017, currently offers 24,153,964 stolen logins, 537,718 autofill forms, and 81,728 digital fingerprints. This data comes from 400,000 logs stolen from people in 225 countries.

Another one, 2easy, created in 2018, sells data from almost 600,000 logs stolen from people in 195 countries.

The average price of these data logs on these marketplaces ranges between $0.2 to $40, depending on the contents of the log. Per se, a bot log with credit card information or login credentials will fetch a relatively higher price.

This is an image of malware featured cybersecurity 1132 e1666861257804

People from India, Brazil, Indonesia, USA, Italy, Spain and France were the most affected by these data-stealing bot attacks.

What are bot markets? How do they work?

Bot markets are online marketplaces, like Amazon or Flipkart, except run by and for cybercriminals. These are usually found and used more often on the dark web, but some can also be found on the surface web.

The sellers — also cybercriminals — on such marketplaces use these bot stealers, which are malware designed to create logs of data that it steals, create different folders for different kinds of stolen data and link it to a person’s digital identity.

These data sets are then sold on marketplaces such as the ones mentioned above to buyers — also cybercriminals — who further use it for ransomware attacks, financial fraud, phishing or targeted attacks on a person or organisation.

In the News: Chrome update brings memory and battery savers

Prayank

Prayank

Writes news mostly and edits almost everything at Candid.Technology. He loves taking trips on his bikes or chugging beers as Manchester United battle rivals. Contact Prayank via email: prayank@pm.me

Related Reads

This is an image of hacked security illustration 11

Hackers are disguising Python malware as coding challenges, crypto devs targeted

Facebook rebrands to meta; aims to become a 'social tech' company

Meta resumes training AI models on EU user data

This is an image of chatgpt featured 213241

OpenAI announces improved GPT-4.1 flagship model

This is an image of phishing featured storyblocks

Cybercrime group rolls out major updates for on sale phishing tool

This is an image of scam call featured 1

China jails 9 for scamming over 66,000 Indians

What is a hack? 9 different types of hackers you must know about

SpyNote malware targets users through fake android apps

>