专家发现了一种未知的恶意软件,可以窃取 1.2 TB 机密数据

NordLocker experts 发现了 an impressive database of information collected by unknown custom malware from more than 3 million Windows-based computers.

Ťhe 1.2 TB database contained 6.6 million files, 26 million credentials, 和 2 billion authorization cookies, 和 400 million of them valid at the time the database was discovered.

Researchers were unable to identify the malware through which the information was collected, but it is known that it spread from 2018 到 2020 through malicious versions of Adobe Photoshop, pirated games and Windows hacking tools.

事实上, anyone can access custom malware. It’s cheap, customizable, and can be found on the dark web. 例如, for just $100, anyone can find their own custom malware and even lessons on using stolen data.the researchers noted.

The credentials contained in the database included 1.1 million unique email addresses used as logins for various applications and services, including social networks, job search sites, online stores, financial services, 等等.

此外, the database contained credentials, as well as information from autocomplete fields and payment data stolen from 48 applications, mainly browsers and email clients, such as Google Chrome (19.4 million entries), Mozilla FireFox (3.3 million entries ), 歌剧 (2 million entries) Internet Explorer/Microsoft Edge (1.3 million entries), Chromium (1 million entries), CocCoc (451,962 entries), Outlook (111,732 entries), Yandex (79,530 entries), Torch ( 57,427 million records), Thunderbird (42,057 million records).

Among other things, experts found in the database a total of 6 million files stolen by malware from the download folders and the desktop. The information included 3 million text files, over 1 million images, and over 600,000 Microsoft Word and PDF documents.

The database also contained a huge number of stolen cookies for e-commerce sites, gaming sites, file hosting services, video streaming services, social media, as well as cookies used for user tracking and targeted advertising.

Experts believe that the owners of the base accidentally revealed its location. NordLocker has already notified the cloud hosting provider of its finding.

Details about malware:

  • This is a Trojan-type malware that was transmitted via email and illegal software. The software includes illegal Adobe Photoshop 2018, a Windows cracking tool, and several cracked games.
  • The data was collected from 3.25 million computers. The malware stole nearly 26 million login credentials holding 1.1 million unique email addresses, 2 billion+ cookies, 和 6.6 million files.
  • Nameless, or custom, trojans such as this are widely available online for as little as $100. Their low profile often helps these viruses stay undetected and their creators unpunished.
  • Screenshots made by the malware reveal that the data was stolen between 2018 和 2020.
  • The virus assigned unique device IDs to the stolen data, so it can be sorted by the source device.

Let me remind you that I talked about that MountLocker 勒索软件使用 Windows API 来导航网络.

赫尔加·史密斯

我一直对计算机科学感兴趣, 特别是数据安全和主题, 现在被称为 "数据科学", 从我十几岁起. 在加入病毒清除团队担任主编之前, 我曾在多家公司担任网络安全专家, 包括亚马逊的一名承包商. 另一种体验: 我在雅顿大学和雷丁大学任教.

发表评论

本网站使用的Akismet,以减少垃圾邮件. 了解您的意见如何处理数据.

返回顶部按钮