Hackers using a custom Trojan-type malware stole nearly 26 million login credentials—emails or usernames and associated passwords—from almost a million websites over a two year period, including from such namesakes as Amazon, Facebook, and Twitter, according to cybersecurity provider NordLocker.
The malware infiltrated over 3 million Windows-based computers between 2018 and 2020, with the cyber intruders making off with around 1.2 terabytes of personal information, according to a case study carried out by NordLocker in partnership with a third-party firm specializing in data breach analysis.
The 26 million stolen login credentials were across twelve different website types, including social media, online gaming, and email services. They included such household names as Google (1.54 million), Facebook (1.47 million), Amazon (0.21 million), Apple (0.13 million), Netflix (0.17 million), and PayPal (0.15 million).
In addition to login credentials, the stolen data includes 1.1 million unique email addresses, over 2 billion cookies, and 6.6 million files that users were storing on their desktops and in their downloads folders.
The stolen cookies, which can in some cases give access to a victim’s online accounts, were sorted into five groups: online marketplace, online gaming, file sharing site, social media, and video streaming services.
The billions of stolen cookies were associated with such sites as YouTube (17.1 million), Facebook (8.1 million), Twitter (5.2 million), Amazon (3.5 million), MediaFire (3.2 million), and eBay (2 million).
The malware mainly targeted web browsers to steal the data, with the top three software sources for stolen email/usernames plus passwords being Google Chrome (19.4 million), Mozilla FireFox (3.3 million), and Opera (2 million).
Besides stealing files, the malware also took screenshots of infected computers and photos using its webcam.
The malware was transmitted by email and pirated software, including illegal versions of Adobe Photoshop 2018 and a number of cracked games.
The report comes amid warnings from administration officials that cyberattacks of various types are on the rise.
BY TOM OZIMEK