Infostealers: a new threat to companies – how they operate and how to protect against them?
Infostealers – a New Threat to Organizations
Infostealers are malicious software that has become an increasingly common tool used by cybercriminals to steal data from infected computers. They are used to obtain passwords for online accounts, financial information, and other sensitive data, posing a serious security threat to organizations. Currently, there is a growing interest in infostealers among ransomware groups, indicating the complexity of the situation in the cybercrime market.
Infostealers’ Operational Methods
Infostealers can operate in various ways, utilizing diverse methods to gain access to companies’ IT systems. These methods include, among others:
- Brute force: a method involving attempts to guess a password through multiple trials until the desired outcome is achieved.
- Password purchase: acquiring access passwords from brokers specializing in infiltrating IT systems.
- Password reuse: using the same passwords in different places, making it easier for infostealers to access various user accounts.
- Exploiting IT security flaws: infostealers can attack systems by exploiting weak points in security measures.
- Employee computer infection: launching an infostealer on an employee’s device can serve as a gateway for further infiltration within the organization.
Infostealer RedLine and Its Costs
One of the popular infostealers on the market is RedLine, which offers its services at an attractive price. According to information, the standard version of this tool costs around $100 monthly, while the „pro” version requires about $600. This more expensive option enables the theft of data related to web browsers and cryptocurrency-related applications, which can bring additional benefits to cybercriminals.
Statistics and Trends Related to Infostealers
According to data collected by Google’s Mandiant, there has been a 60% increase in infostealer ads on underground cybercrime markets between 2021 and 2022. Furthermore, the sale of logs containing stolen data has increased by up to 2000%. Such a significant rise in interest in infostealers reflects the dynamic development of this type of threat in the digital environment.
Neglect of the Threat by Organizations
Unfortunately, despite the growing threat posed by infostealers, many corporations do not give sufficient importance to this issue. Research indicates that infostealers pose a real threat to organizations, yet many of them do not take adequate preventive actions, which can lead to serious consequences.
Summary
The increasing interest in infostealers among cybercriminals and their use to trigger devastating ransomware attacks pose a significant challenge to the security of organizations. Faced with a growing threat, it is essential to take effective actions to protect data and IT systems from infostealers and other forms of malicious software.