Tuesday, November 12, 2024
HomePassword AttacksBeware!! 15 Billion Stolen Username & Passwords for Sale On the Dark...

Beware!! 15 Billion Stolen Username & Passwords for Sale On the Dark Web

Published on

Malware protection

New research indicates that more than 15 billion username and passwords are circulated on the dark web. This exposed credentials would result in account compromise.

Account Takeover (known as ATO) is a malicious activity in which attackers take over legitimate user’s online accounts.

We rely on passwords to safeguard our online sensitive data such as our financial documents, personal information, and other sensitive documents.

- Advertisement - SIEM as a Service

Attackers target all types of your online accounts not only limited to e-commerce or financial accounts, but they also use to target all types of accounts including streaming and cable TV subscriptions to VPNs and adult websites.

15 Billion Stolen Credentials

According to the report “From Exposure to Takeover” published by Digital Shadows Photon Research Team, more than 15 billion credentials are circulated in the dark web have yielded a 300 percent increase in stolen credentials since 2018.

The stolen credentials found to be harvested from 100,000-plus discrete breaches, among that 5 billion of them are unique.

Unsurprisingly banking and financial credentials are highly targeted, those credentials are found in huge volumes.

Researchers also spotted “some criminal advertisements for domain administrator accesses (login details, credentials or sensitive files from an organization or individual’s machine, used to access systems/infrastructure, data, bank accounts, and/or other accounts)”

Those credentials result in a simple account to entire organization compromise, they are “sold or auctioned for an average of $3,139 and up to $140,000.”

Also, domain administrator access ads with descriptions including “petrochemical company,” “cybersecurity company,” “architecture and engineering company,” “petroleum company,” “big university,” and various state governments are advertised.

As expected the banking & Financial accounts costs are higher among others, the average cost is under $71 and it is growing up to $500.

Following is the list of breakdown of different account listings

“Users of Russian-language cybercriminal forums like Exploit and XSS often freely share credentials for entertainment services with other forum members.”

Attacking Tools Found

Brute-force cracking tools also sold at hacker forums for an average of $4, “some advertisements were super vague―“USA Bank login Cracker Bruter”―but others were targeting a specific service, like Hulu, Minecraft, or Spotify.”

Some advertisements also include Burp Suite Professional application, Hydra, login cracker, Zeus and WarBot botnets, and Sentry MBA account cracker.

In case of credentials stuffing tools OpenBullet a new credential stuffing tool gains popularity over Sentry MBA. The tool gains popularity for it’s customized configurations, and lower CPU usage.

“OpenBullet includes multiple tools that can be used for scraping and parsing data, automated penetration testing and unit testing with Selenium”

Following are the 10 sectors with most breached credentials

Technology credentials represented 31, following to that food-and-beverage and financial services, at 16 percent and 14 percent.

Monitoring network activity, Monitor for leaked credentials of your customers. increasing user awareness and Implement multi-factor authentication that doesn’t use SMS messages are the best way to mitigate password thefts.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read

Dark Web Secrets: What Should You Know About Your Information Being on the Dark Web?

Hackers Selling More than 200 Million Stolen Data from Chinese Hotel Chain in Dark Web

List of Top Ten Dark Web Activities That Alerts Organizations a Possible Breach by Hackers

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

10 Best DNS Management Tools – 2025

Best DNS Management Tools play a crucial role in efficiently managing domain names and...

Sweet Security Announces Availability of its Cloud Native Detection & Response Platform on the AWS Marketplace

Customers can now easily integrate Sweet’s runtime detection and response platform into their AWS...

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors...

10 Best WiFi Hacking Apps for Android – 2024 Edition

In this article, we are sharing the top “Wi-Fi hacking Apps“ for Android applicants....

Brutespray – Port Scanning and Automated Brute Force Tool

Brutespray is a Python script that provides a combination of both port scanning and automated...