In light of a recent data breach reported by Cybernews that saw 16 billion records exposed, Kaspersky has weighed in.
Kaspersky telemetry shows a 21% growth in password stealer attack detections globally from 2023 to 2024. Infostealer malware has become one of the most pervasive cyber threats, targeting millions of devices worldwide and compromising sensitive personal and corporate data. These malicious programs are designed to extract credentials, cookies, and other valuable information, which is then aggregated into log files and circulated on the dark web.
“16 billion records is a figure nearly double the Earth’s population, and it’s hard to believe such a vast amount of information could be exposed. This “leak” refers to a compilation of 30 user data breaches from various sources. These data sets (“logs”) are primarily obtained by cybercriminals through infostealers — malicious applications that steal information — and such incidents occur daily. Cybernews researchers collected this data over six months from the start of the year. Their dataset likely contains duplicates due to the persistent issue of password reuse among users. Therefore, although it was noted that none of the databases they found had been previously reported, this doesn’t mean these credentials hadn’t previously leaked from other services or been collected by other infostealers. This significantly reduces the potential number of unique and new user data in this collection, though determining an exact or even approximate figure is challenging without detailed analysis”, comments Alexandra Fedosimova, Digital Footprint Analyst at Kaspersky.
“Cybernews research speaks of an aggregation of several data leaks over a long period – since the start of the year. This is a reflection of a thriving cybercrime economy that has industrialised credential theft. What we’re seeing is part of a well-established cybercriminal market, where credentials are harvested via infostealers, phishing campaigns, and other malware, then collected, enriched, and resold — often multiple times. These so-called ‘combo lists’ are continuously updated, repackaged, and monetized by various actors on the dark web — and now increasingly on publicly accessible platforms”, comments Dmitry Galov, Head of Kaspersky Global Research and Analysis Team (GReAT) for Russia and CIS. “What’s notable in this case is not the fact of a large-scale breach – or several breaches – on its own, but that Cybernews claims that the datasets were temporarily publicly exposed through unsecured channels, making them accessible to anyone who happened to find them”.
“This news is a good reminder to focus on digital hygiene and give an audit to all of your digital accounts. Regularly update your passwords and activate two-factor authentication (2FA) if it’s not already enabled. If attackers have already gained access to your accounts, reach out to technical support right away to regain control and assess what other data might have been exposed. Use a reliable password manager, such as Kaspersky Password Manager, to securely store your credentials”, comments Anna Larkina, Web Content Analysis Expert at Kaspersky. “Users should also stay vigilant against social engineering scams, as fraudsters may use leaked details in multiple activities”.