A new report by Cybernews and Forbes has found a historic data breach that stole more than 16 billion login credentials. Analysts are calling it the biggest data leak ever reported. Some even go to the level of calling it the mother of all data breaches.
The report claims that accounts were hacked and data was extracted using infostealer malware. Forbes reports that researchers involved in a months-long investigation found several infostealers were used for the password leak of this scale.
After hacking billions of login credentials from Google, Apple, VPNs and Telegram, cybersecurity researchers found that the hackers put up the data for sale online. Reports quoting experts believe that in the coming days, this breach can lead to possible identity theft, phishing attacks, and account takeovers all over the world.
What is an Infostealer?
Infostealer is a type of malware employed to gather sensitive information stored on a device. The malware enables an attacker to perform further cybercriminal activity on the hacked device. After the device is attacked, the hacker can perform activities like identity theft, financial fraud or extortion, account takeover, and ransomware attacks.
After the hacker gets access, the Infostealer uses various techniques to acquire data after the hacker gets access to the device, like a computer or phone. The hacker can steal data in various forms. Hackers can take control of your credentials, browser data, messaging and email chat logs, documents, and machine-specific properties.
Once the infostealer is installed, it starts to collect data from the infected system. The malware does not take much time to infect and take control of the system. It usually takes as little as one minute to collect the targeted data and gather the data.
How To Protect Yourself From an Infostealer Attack?
Once the data is collected, infostealers often sell or trade it in centralized ad hoc marketplaces or platforms, such as Telegram.
Infostealer malware attacks pose a significant threat to common people and organizations alike. This malware silently steals sensitive data, including login credentials, financial information, and personal details. The best practice to secure yourself from such malware attacks is by implementing strong password hygiene. You can also enable multi-factor authentication and update software in a timely manner.
