Credentials for Cybercrime Forums Found on Roughly 120K Computers Infected with Info Stealers
Cyber Security Threat Summary:
Hudson Rock, a threat intelligence firm, uncovered cybercrime forum credentials on about 120,000 computers infected with various info-stealer malware. These compromised computers, with infections spanning 2018 to 2023, were largely owned by threat actors themselves. The analysis of over 14.5 million infected computers revealed hackers' identities through additional credentials, autofill data, and system info. The forums leading in infections were "Nulled[.]to," "Cracked[.]io," and "Hackforums[.]net." Notably, cybercrime forum passwords were found to be stronger than those for government websites. Infections were mainly attributed to Redline, Raccoon, and Azorult. The key infected countries were Tunisia, Malaysia, Belgium, Netherlands, and Israel. Info-stealer infections have skyrocketed by 6000% since 2018, becoming a major attack vector for cybercriminals engaging in ransomware, breaches, account takeovers, and espionage. Hudson Rock's report concludes with this assessment.
Security Officer Comments:
The report from Hudson Rock sheds light on how APT groups and nation-state actors are using info stealers. Around 120,000 compromised computers, some owned by threat actors, had cybercrime forum credentials. The report highlights how researchers traced hacker identities and found that some forums had stronger passwords. The number of info-stealer infections has surged since 2018, and info stealers have become a major way for cybercriminals to attack organizations with threats such as ransomware. This report shows the global impact of cybercrime and the need for better cybersecurity.
Suggested Correction(s):
To stay safe from cyber threats like stolen credentials and info-stealer malware, organizations should update their systems regularly and use strong passwords. Teach employees about good password habits and the risks of reusing passwords. Add an extra layer of security with multi-factor authentication. Use tools to detect unusual activities and remove any hidden threats. Work with experts to stay informed about new dangers. These steps will help protect against cyber attacks.
Link(s):
https://securityaffairs.com/149547/cyber-crime/cybercrime-forums-credentials-info-stealers.html