On September 15, 2022, Uber employees logged on to see an unexpected message on the company’s Slack channel. It said, “Hi I announce I am a hacker and Uber has suffered a data breach.”

At first, many thought it was a joke. But the reality was not funny in the slightest. The intruder didn’t only infiltrate Slack: Uber’s domain admin, Amazon Web Services admin and GSuite were reportedly among the company’s compromised accounts.

As per Group-IB, the hacker gained access to Uber’s systems using credentials compromised with the Raccoon stealer. An info stealer is a type of malware that steals credentials stored in browsers, gaming accounts, email services and social media. Info stealers can also collect bank card details and crypto wallet information from infected computers. After a successful attack, actors can use the data to access accounts for financial gain, or they can sell the information on the dark web.

The rising use of info stealers is alarming, to say the least. According to Group-IB, in the first seven months of 2022, multiple groups collectively infected over 890,000 user devices and stole over 50 million passwords.

The Diversification of Cyber Crime

Cyber crime is big business. Like many businesses, cyber groups seek to diversify the way they make money. While ransomware continues to be a huge threat, law enforcement efforts have made things more difficult for ransom gangs. So threat actors have pivoted to other money-making tactics.

Group-IB identified 34 Russian-speaking groups responsible for info-stealing malware offered as a stealer-as-a-service model. The cyber gangs mainly use Raccoon and Redline stealers to obtain credentials for accounts on Amazon, PayPal and gaming accounts like Steam and Roblox. Payment records and crypto wallet information are also being stolen by info-stealer malware.

Mathew Schwartz, an executive editor of DataBreachToday, points out that lots of attackers work in groups that maintain ransomware. These developers then get a cut of the illegitimate proceeds. Actors can sign up to be an affiliate or purchase an information-stealing Malware-as-a-Service. The groups identified by Group-IB appear to orchestrate their attacks through Russian-language Telegram groups. Most of their targets are in the United States, Brazil, India, Germany and Indonesia.

One might wonder why threat gangs offer Malware-as-a-Service subscriptions instead of cashing in directly on stolen data. For example, some services can be rented for $150-200 per month. In the case of stealer-as-a-service, Schwartz says owners won’t share their more lucrative activity. For instance, they might keep for themselves anything to do with cryptocurrency. The main operators will go after people’s cryptocurrency wallets to try to drain them.