Researchers Uncover 120,000 Infected Systems with Exposed Credentials for Cybercrime Forums
In a recent discovery, threat researchers from Hudson Rock, a leading threat intelligence company, have found that over 100,000 computers, many belonging to hackers, have been compromised by info-stealing malware. Through an analysis of publicly available leaks and info-stealer logs obtained from threat actors, the researchers were able to gather data on more than 140,000 credentials for cybercrime forums.
Interestingly, the analysis revealed that passwords used for hacking forums were generally stronger than those used for government websites. This finding sheds light on the precautions taken by hackers to protect their own accounts within their respective communities.
The hackers inadvertently infected their own computers by falling victim to fake software promotions or to infected software downloads through YouTube tutorials. These infections occurred opportunistically, affecting all users, including less skilled hackers seeking shortcuts in their activities.
By examining the info-stealer logs, the researchers were able to identify the real identities of the compromised computer owners. They also found further credentials, auto-fill data containing personal information, and system information on the infected systems. This information allowed them to determine that over 57,000 compromised users had accounts on the Nulled[.]to community, known for its cybercriminal activities.
It is worth noting that while passwords for hacking forums exhibited strength, there were instances of weak passwords, such as consecutive numbers, indicating a lack of interest in active participation within the community. Many hackers simply used these accounts to keep informed about discussions, data for sale, or for timely access to the forum.
Remarkably, the credentials for cybercrime forums were found to be stronger overall compared to logins for government websites, although the margin was not significant. Hudson Rock attributed most of the infections to three popular info-stealers: RedLine, Raccoon, and Azorult.
This recent revelation highlights the importance of robust cybersecurity practices and serves as a reminder that even hackers themselves can fall victim to malicious attacks. Cybersecurity remains a critical aspect of our digital landscape, necessitating the continuous improvement of defenses against info-stealing malware.
The researchers also discovered that the credentials for cybercrime forums were generally stronger than the logins for government websites, although the difference is not large. According to Hudson Rock, most of the infections were from just three info-stealers, which also happen to be popular choices with many hackers: RedLine, Raccoon, and Azorult.