Stolen online identities of 50,000 Malaysians sold on bot markets

Stolen online identities of 50,000 Malaysians sold on bot markets

For just RM27, criminals can have access to the full digital identity of a compromised person.

Bot markets make it easy for hackers to exploit the victim’s data.
PETALING JAYA:
At least five million people, including 50,000 Malaysians, have had their online identities stolen by hackers and sold on bot markets for RM27 each on average, according to a research conducted by cybersecurity company NordVPN.

“Taking into consideration the number of internet users in Malaysia, this is a high number compared to other Asian countries. For example, Japan had 13,000 people affected, but the number of internet users in Japan is almost five times higher,” NordVPN said in a statement today.

Explaining what a bot is, NordVPN said this refers to data-harvesting malware.

“Bot markets are online marketplaces hackers use to sell data they have stolen from their victims’ devices with bot malware.

“The data is sold in packets, which include logins, cookies, digital fingerprints, and other information – the full digital identity of a compromised person,” it said.

What makes bot markets different from other dark web markets is that they are able to get large amounts of data about one person in one place, says NordVPN CTO Marijus Briedis.

“And after the bot is sold, they guarantee the buyer that the victim’s information will be updated as long as their device is infected by the bot.

“A simple password is no longer worth money to criminals, when they can buy logins, cookies, and digital fingerprints in one click for just RM27,” he added.

It found the most popular types of malware that steal data are RedLine, Vidar, Racoon, Taurus and AZORult.

According to NordVPN, a person’s digital fingerprint includes screen resolution, device information, default language, browser preferences and other information that makes the user unique.

Many online platforms track their users’ digital fingerprints to make sure they properly authenticate them. During the research, 81,000 stolen digital fingerprints were found on the analysed bot markets.

When a virus attacks the user’s device, it may grab logins saved to their browser. The research found 26.6 million stolen logins on the analysed markets. Among them were 720,000 Google logins, 654,000 Microsoft logins, and 647,000 Facebook logins.

The research also found 667 million stolen cookies on the analysed bot markets. These are also usually stolen from a user’s browser and help criminals bypass two-factor authentication.

A perfect crime using bots

The scariest thing about bot markets is that they make it easy for hackers to exploit the victim’s data. Even a rookie cybercriminal can connect to someone’s Facebook account if they have cookies and digital fingerprints in place, which help them bypass multi-factor authentication.

After logging in to a user’s account, a cybercriminal can try contacting people on a victim’s friends list and send malicious links or ask for a money transfer. They can also post fake information on the victim’s social media feed, the company said.

“Information stolen from autofill forms or just by taking a device screenshot can help these actions look more believable and trustworthy. And you will have no way to detect who used your data.”

More sophisticated criminals buy this information and target businesses with phishing attacks, trying to impersonate the company’s employees.

“To protect yourself, use an antivirus at all times. Other measures that could help – a password manager and file encryption tools to make sure that even if a criminal infects your device, there is very little for them to steal,” adds Briedis.

Stay current - Follow FMT on WhatsApp, Google news and Telegram

Subscribe to our newsletter and get news delivered to your mailbox.