Sunday, April 11, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Billions of passwords now available on underground forums, say security researchers

July 9, 2020
in Internet Security
Best password managers for business in 2020: 1Password, Keeper, LastPass, and more
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Usernames and passwords for over 15 billion accounts, including network administrator accounts, bank accounts and streaming services are in circulation online, according to security company researchers.

Cybersecurity researchers at Digital Shadows spent 18 months analysing how hackers gain access to and use stolen account details and have detailed how account takeover has never been easier or cheaper for cyber criminals.

You might also like

Washington State educational organizations targeted in cryptojacking spree

Critical Zoom vulnerability triggers remote code execution without user input

Nation-state cyber attacks targeting businesses are on the rise

Such is the proliferation of stolen account credentials that large numbers are simply available for free when they’re shared on underground forums or pasted to the open web.

Many breached accounts are shared multiple times – suggesting that despite being hacked, the user remains unaware of what has happened. But despite that duplication, researchers say there’s still over five billion ‘unique’ accounts up for sale on the cyber criminal underground, providing buyers access to hacked online services.

The most valuable leaked credentials are those which provide administrator level access to organisations, with the most valuable being offered for up to $120,000, the company said. The average cost is $3,139, which is still a significant amount, but with the kind of access offered by administrator credentials cyber criminals could make what they pay for the information back many times over. Even if attackers are paying a six-figure sum for credentials, if they use that access to disrupt an entire network with a ransomware attack and demand millions of dollars in exchange for returning access, the criminals might consider the cost worth it.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)  

For consumer accounts, it’s bank login credentials sell for the highest value, with researchers noting that the average price stands at $70.91. The value for purchasing a bank account comes from the criminal being able to access any funds the victim has saved up – which could be thousands – as well as the ability to apply for credit cards, loans and other financial packages.

Perhaps surprisingly, the second highest costs for hacked accounts are for antivirus programs, which access can be purchased to for an average cost of $21.67 – which is much less than the cost of a legitimate yearly subscription.

“Much like with streaming accounts, it’s likely that many buyers are simply of the mindset that they do not wait to pay for a subscription to an antivirus service,” Alex Guirakhoo, threat research team lead at Digital Shadows told ZDNet.

Accounts form media streaming services, VPNs, file sharing accounts and social media all trade for under $10. In cases like streaming services, the user could potentially provide their account credentials to a friend or family member anyway, so might not even notice their account is being used, let alone compromised.

Researchers warn that the reason that so many account credentials are available online – be they administrator passwords, bank details or a login for Netflix – is because people are using weak passwords which can easily be taken over with brute force cracking tools.

“These attacks are typically automated login attempts that use a predetermined list of access credentials—often, combinations of usernames or email addresses and plaintext passwords—sourced from previous data breaches or leaks,” said Guirakhoo.

“Credential stuffing tools are inexpensive to purchase and use, even offering some level of automation to make gaining account access a trivial task,” he added.

One way people – and businesses – can make it harder for their online accounts to be taken over is by using a unique password for each service, something which the use of a password manager could help with.

Users should also apply multi-factor authentication for an extra layer of protection, because even if the password is breached, there’s an alert which inform you that someone tried to get into your account.

But with over 15 billion accounts already compromised, it’s highly possible that yours could be among them. Anyone worried that their account might have been hacked should look to change their password.

“If you suspect your account has been compromised, you should immediately change your passwords – and for any other services where you have used the same password – and check for any fraudulent activity. This is where unique passwords come in handy,” said Guirakhoo.

READ MORE ON CYBERSECURITY

Credit: Zdnet

Previous Post

By Purity, Application, Regional Outlook and Forecasts to 2026 – Jewish Market Reports

Next Post

The Future of Marketing Events: COVID-19's Impact

Related Posts

Washington State educational organizations targeted in cryptojacking spree
Internet Security

Washington State educational organizations targeted in cryptojacking spree

April 10, 2021
Critical Zoom vulnerability triggers remote code execution without user input
Internet Security

Critical Zoom vulnerability triggers remote code execution without user input

April 10, 2021
Nation-state cyber attacks targeting businesses are on the rise
Internet Security

Nation-state cyber attacks targeting businesses are on the rise

April 10, 2021
These are the terrible passwords that people are still using. Here’s how to do better
Internet Security

These are the terrible passwords that people are still using. Here’s how to do better

April 9, 2021
Why do phishing attacks work? Blame the humans, not the technology
Internet Security

Why do phishing attacks work? Blame the humans, not the technology

April 9, 2021
Next Post
The Future of Marketing Events: COVID-19’s Impact

The Future of Marketing Events: COVID-19's Impact

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Why Machine Learning Over Artificial Intelligence?
Machine Learning

Why Machine Learning Over Artificial Intelligence?

April 11, 2021
27 million galaxy morphologies quantified and cataloged with the help of machine learning
Machine Learning

27 million galaxy morphologies quantified and cataloged with the help of machine learning

April 11, 2021
Machine learning and big data needed to learn the language of cancer and Alzheimer’s
Machine Learning

Machine learning and big data needed to learn the language of cancer and Alzheimer’s

April 11, 2021
Job Scope For MSBI In 2021
Data Science

Job Scope For MSBI In 2021

April 11, 2021
Basic laws of physics spruce up machine learning
Machine Learning

New machine learning method accurately predicts battery state of health

April 11, 2021
Can a Machine Learning Model Predict T2D?
Machine Learning

Can a Machine Learning Model Predict T2D?

April 11, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Why Machine Learning Over Artificial Intelligence? April 11, 2021
  • 27 million galaxy morphologies quantified and cataloged with the help of machine learning April 11, 2021
  • Machine learning and big data needed to learn the language of cancer and Alzheimer’s April 11, 2021
  • Job Scope For MSBI In 2021 April 11, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates