09-12-2022
Bureau Report
NEW DELHI/ BENGALURU: Around five million people globally have had their data stolen and sold on the bot market till date, of which 600,000 are from India, making it the worst affected country, according to one of the world’s largest VPN service providers NordVPN.
Bot markets are used by hackers to sell stolen data from victims’ devices with bot malware.
The study by NordVPN, of Lithuania’s Nord Security, said the stolen data included user logins, cookies, digital fingerprints, screenshots and other information, with the average price for the digital identity of a person pegged at 490 Indian rupees ($5.95).
NordVPN tracked data for the past four years, ever since bot markets were launched in 2018.
India has been dealing with cyber security concerns for a while. As recently as last month, multiple servers of the All India Institute of Medical Sciences (AIIMS), a federal government hospital that caters to ministers, politicians and the general public, were infected on Nov 23, a senior police official told Reuters.
A week after the ransomware attack on AIIMS, the Indian Council of Medical Research (ICMR) faced around 6,000 hacking attempts within 24 hours on Nov 30; media reported.
Indian cybersecurity rules have tightened only earlier this year, with the Indian Computer Emergency Response Team (CERT) requiring tech companies to report data breaches within six hours of noticing such incidents and to maintain IT and communications logs for six months.
NordVPN’s study looked into three major bot markets, the Genesis market, the Russian Market, and 2Easy and found stolen logins including those from Google, Microsoft and Facebook accounts.
“What makes bot markets different from other dark web markets is that they are able to get large amounts of data about one person in one place,” said Marijus Briedis, chief technology officer at NordVPN.
“And after the bot is sold, they guarantee the buyer that the victim’s information will be updated as long as their device is infected by the bot.”
Researchers of NordVPN found 667 million cookies, 81,000 digital fingerprints, 538,000 auto-fill forms, numerous device screenshots, and webcam snaps in their study.
Meanwhile, Microsoft confirmed that a group it calls DEV-0537 broke into an account and stole some parts of source code for some of its products, The Verge reported.
Notorious hacking group Lapsus$ took responsibility, claiming it has hacked Microsoft. The group posted a file that holds around 37 GB of data and asserted it contains partial source code for Bing and Cortana.
Microsoft said in a blogpost that their investigators are trying to track down the hacker group for weeks.
According to the Microsoft Threat Intelligence Centre (MSTIC), “the objective of DEV-0537 actors is to gain elevated access through stolen credentials that enable data theft and destructive attacks against a targeted organization, often resulting in extortion. Tactics and objectives indicate this is a cybercriminal actor motivated by theft and destruction.”
Microsoft affirms, however, that the leaked code does not result in any serious threats and that their team intervenes hacker’s mid-operation.
Both Samsung and Nvidia confirmed that their data had been stolen.