Published: August 11, 2021 in our Security Fraud News & Alerts Newsletter.
The discovery of 1.2 TB of data stolen from 3.25 million Windows-based computers was an inadvertent gift from the hacking group that put it there. The group accidentally revealed the location where its stolen data was stashed. Security firm NordLocker followed up on the faux pas and found the cloud database holding the hijacked data. The findings included a staggering amount of PII (personally identifiable information), including 26 million passwords stolen from Windows users. The malware used for these attacks is nameless and custom made, which makes it extremely difficult to locate and track and helps it evade antivirus software. The good news is the cloud provider hosting the stolen data was notified so it could be removed.
Types and Extent of Stolen Data Revealed
Together with a third-party data breach research company, NordLocker took a closer look at the amount and type of stolen data, which was collected between 2018 and 2020. The 1.2 TB of hacked data breaks down as follows:
2 billion cookies, with over 400 million (22%) still valid when the database was found
Over 1 million website login credentials from sites like Facebook, Amazon, Gmail, and Twitter, for a total of 26 million passwords
1.1 million email addresses
6 million desktop and download folders containing over 1,000 different file types, including 3 million text files, 900,000 image files and 600,000 Word docs
In this case, the malware is a type of Trojan that infects computers via email phishing and illegal software. Some of the software used to install the nameless malware consists of cracked (hacked) versions of the 2018 Photoshop (which was illegal), several games, and Microsoft Windows. Nameless, customized trojans like this one can be purchased online for a mere $100. Choosing not to name the malware provides a cloak of anonymity for the hackers. Keeping the trojan nameless allows for low-profile attacks, helping the malware stay undetected by security software and letting the attackers get away unnoticed.
Don’t Become the Next Victim
These types of malware attacks can be avoided with help from these cyber-safe precautions:
Cookies stay valid for differing lengths of time, so delete them on a monthly basis or more often
If you don’t want to be tracked, consider using a browser that hides your browsing activity
Use antivirus software and always keep it updated
Keep passwords safe, long, and unique for every online account and consider using a password manager for help if you just can’t remember them all. Keep in mind that if the password manager gets breached, so do your passwords
Never store login credentials in a web browser as the security is weak
Consider using an encryption tool, especially for your most sensitive PII, as malware can’t read encrypted files