KEYBOARD crooks infiltrated over 3 million computers and snatched up 26 million coveted credentials and payment information for a wide array of accounts including Amazon, Apple, Facebook and others.
A total of 1.2-terabyte worth of hijacked personal data was pulled from 3.25 million companies that run Windows-based programs over a two-year timespan by mystery hackers using bespoke malware.
The sniper cyber hack was discovered by security outfit NordLocker and suggested the precious secrets were exposed when users opened Trojan horse style emails that activated the malware and snapped screenshots of the online activities and password logins and payment information to such mainstay sites such as Netflix, Paypal, Twitch, Twitter, eBay and Instagram among others.
“The truth is, anyone can get their hands on custom malware. It’s cheap, customizable, and can be found all over the web,” the firm NordLocker explained following its posting on Wednesday.
“Dark Web ads for these viruses uncover even more truth about this market. For instance, anyone can get their own custom and stealthy malware and even lessons on how to use the stolen data for as little as $100.
“And custom does mean custom – advertisers promise that they can build a virus to attack virtually any app the buyer needs,” it explained in a statement published by Threatpost.
The 26 million logins – that involved social media accounts, online marketplace shopping, job searches, gaming, financial services, email – were purloined between 2018 and 2020.
The method managed to use a dark wizard’s spell by taking possession of a device’s webcam and snapping a series of pics while it was in use.
NordLocker cited bootleg Adobe Photoshop, Windows cracking tools and pirated games as central means that the hackers exploited to hatch their schemes.
The malware also honed in on cookies.
“Cookies help hackers construct an accurate picture of the habits and interests of their target,” NordLocker stated.
“In some cases, cookies can even give access to the person’s online accounts….[for instance], online shopping cookies are used to store shopping cart data while the user browses a shop.
Biden touts special relationship with Boris & jokes he’s not going back to US
MAULED AFTER FALL
Boy, 3, plummets out of window and is mauled to death by family’s dogs
‘HOLY S**T, THAT’S A UFO’
Man claims ‘UFO hovered over his car and beamed a light at him’
‘YOU THINK I WON’T KILL HER’
Teen films herself beating baby & sends vid to girl’s dad
Biden & G7 leaders staying at $280-night CASTLE surrounded by ring of steel
El Chapo’s beauty queen wife pleads GUILTY to helping run drug empire
The dangers of letting these items fall into the wrong hands is especially concerning when can let bad actors “hijack a shopper’s session to break into their account where their home address and credit card details might be stored.”
News of the massive breach comes a month after the 5,500 Colonial Pipeline was a victim of ransomware, causing its 2.5million barrels of gas pumping from gas stations from Texas to New Jersey to go dry after it was shut down,
The hacker group DarkSide was able to force the company into paying $5million to break the stagnation and get their lines back up and running.
The FBI came forward this week to confirm that its white hat efforts were able to recoup almost half of the payout, some $2.3million of the Bitcoin ransom paid to DarkSide.
It also comes after a notorious set of Russian hackers belonging to REvil Group caused the shuttering of plants at the largest meat supplier in the world, JBS.
The company confirmed it was the target of an “organized cybersecurity attack” affecting some of its servers supporting its North American and Australian IT systems.