According to Kaspersky’s data, 443,000 websites worldwide have experienced compromised credentials in the past five years.
Elevate Your Tech Prowess with High-Value Skill Courses
| Offering College | Course | Website |
|---|---|---|
| IIT Delhi | IITD Certificate Programme in Data Science & Machine Learning | Visit |
| IIM Lucknow | IIML Executive Programme in FinTech, Banking & Applied Risk Management | Visit |
| Indian School of Business | ISB Professional Certificate in Product Management | Visit |
The .com (dot com) domain led the list of compromised accounts, followed by Brazil (.br), India (.in), Colombia (.co), and Vietnam (.vn).
“In the .in domain, associated with India, compromised accounts reached over 8 million in 2023,” it said.
“According to Kaspersky’s assessment, the number of infections that occurred in 2023 is projected to reach roughly 16,000,000,” it added, noting an increase in the threat posed by data-stealers for both consumers and businesses.
Cyber criminals steal an average of 50.9 log-in credentials per infected device, it said, adding that these credentials may encompass log-ins for social media, online banking services, crypto wallets, and various online services including email.
Discover the stories of your interest
The data, which drew insights from infostealer malware log files traded on underground markets, showed the actual number of infections is likely to be even higher than 10 million. “The dark-web value of log files with login credentials varies depending on the data’s appeal and the way it’s sold there. Credentials may be sold through a subscription service with regular uploads, a so called ‘aggregator’ for specific requests, or via a ‘shop’ selling recently acquired login credentials exclusively to selected buyers. Prices typically begin at $10 per log file in these shops,” said Sergey Shcherbel, a cybersecurity expert at Kaspersky Digital Footprint Intelligence.
