Home TECH malware attack: Number of devices hit by data-stealing malware rises over 600%...

malware attack: Number of devices hit by data-stealing malware rises over 600% in three years: Kaspersky

The number of devices compromised with data-stealing malware has increased more than 600% in the past three years, according to cybersecurity firm Kaspersky. Kaspersky’s Digital Footprint Intelligence data showed the number of personal and corporate devices compromised with data-stealing malware reached 10 million in 2023, registering a 643% increase over the past three years.

According to Kaspersky’s data, 443,000 websites worldwide have experienced compromised credentials in the past five years.

Elevate Your Tech Prowess with High-Value Skill Courses

Offering College Course Website
IIT Delhi IITD Certificate Programme in Data Science & Machine Learning Visit
IIM Lucknow IIML Executive Programme in FinTech, Banking & Applied Risk Management Visit
Indian School of Business ISB Professional Certificate in Product Management Visit

The .com (dot com) domain led the list of compromised accounts, followed by Brazil (.br), India (.in), Colombia (.co), and Vietnam (.vn).

“In the .in domain, associated with India, compromised accounts reached over 8 million in 2023,” it said.

“According to Kaspersky’s assessment, the number of infections that occurred in 2023 is projected to reach roughly 16,000,000,” it added, noting an increase in the threat posed by data-stealers for both consumers and businesses.

Cyber criminals steal an average of 50.9 log-in credentials per infected device, it said, adding that these credentials may encompass log-ins for social media, online banking services, crypto wallets, and various online services including email.

Discover the stories of your interest

The data, which drew insights from infostealer malware log files traded on underground markets, showed the actual number of infections is likely to be even higher than 10 million. “The dark-web value of log files with login credentials varies depending on the data’s appeal and the way it’s sold there. Credentials may be sold through a subscription service with regular uploads, a so called ‘aggregator’ for specific requests, or via a ‘shop’ selling recently acquired login credentials exclusively to selected buyers. Prices typically begin at $10 per log file in these shops,” said Sergey Shcherbel, a cybersecurity expert at Kaspersky Digital Footprint Intelligence.