India users’ data most common in cyber crime markets: NordVPN

At least 12% of all unique user data found in cyber crime marketplaces belonged to Indians, a report by Panama-based virtual private network (VPN) service provider NordVPN said on Thursday. It further added that personally identifiable information of users — which include passwords, financial information and even cookies stored on a device — can be purchased from these so-called ‘bot’ marketplaces for less than 500.

The ‘bot’ market refers to cyber crime marketplaces that update user data regularly for as long as the malware remains active on a user’s device. While NordVPN tracked data belonging to 5 million unique users around the world, data of Indian users topped the chart — with over 6 lakh users found in popular bot market databases.

To be sure, the report covers databases that are actively updating user data, and not data dumps of old data. The latter, though more common, attracts lesser interest and price among cyber criminals since old data may often be ineffective or irrelevant for future breaches. For instance, on December 2, a report by homegrown cyber security firm Cloudsek disclosed personal and health data of 1.5 lakh users from a Tamil Nadu hospital being sold. The data, which was from a database up to 15 years old, was being sold for around 8,000 on a popular data marketplace.

Industry experts, however, stated that such old databases are likely of not much value.

Among databases scanned by NordVPN, the types of information found in the databases include stolen login information of Google, Microsoft and Facebook accounts, cookies, digital footprints, and autofill addresses.

Stealing ‘cookies’ — bits of code that contain information unique to a user — from their device can allow a cyber attacker to bypass two-factor authentication. Digital footprints, meanwhile, include information such as network and device data, and can often be used by scammers for identity thefts. Autofill information, too, can be used in identity theft scams, since they include data such as saved addresses, phone numbers and information on family members.

Marijus Briedis, chief technology officer of NordVPN, said that such databases are of greater value to attackers. “After the bot is sold, they guarantee the buyer that the victim’s information will be updated as long as their device is infected by the bot,” he said.

Briedis added that such databases are also sold as a per-service model. “Steam accounts are sold for up to $6,000 per account, and can be easy money for a criminal,” he said.

The data published by NordVPN was sourced as of September 29, the company said in its research methodology.

Catch all the Technology News and Updates on Live Mint.
Download The Mint News App to get Daily Market Updates & Live Business News.

More
Less

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.