Security Alert: 1 Billion Passwords Stolen by Malware
Blog post from SSOJet
Darren James from Specops Software highlights that even strong password policies cannot prevent theft by malware, as demonstrated by an analysis of over one billion stolen passwords, many of which met complexity standards. Infostealers, a type of malware that includes Redline, Vidar, and Raccoon Stealer, are primarily responsible for credential theft through a process involving infection, persistence, data collection, exfiltration, evasion, and execution. The analysis shows that 230 million compromised passwords conformed to standard complexity requirements, underscoring the inadequacy of these regulations against modern threats. Redline malware accounted for 55% of password-stealer attacks in 2023, dominating infections over three years, according to Kaspersky. The report emphasizes the importance of using password managers to create unique and complex passwords, as reusing passwords significantly increases the risk of compromise. Kaspersky advises raising awareness and taking proactive measures to mitigate risks from these malware threats.
No tracked trend matches for this post yet.