Malware, Data Security

Infostealers ramp up business environment compromise


Nearly 375,000 of almost 20 million information-stealing malware logs on the dark web contained access to business applications, indicating significant compromise of business environments by infostealers, reports BleepingComputer. More than half of the stolen business app access logs contained AWS Console credentials, while almost 48,000 logs included access to the identity management service "okta.com," which enterprises use for cloud and on-premises user authentication, according to a report from Flare. Separately, OpenAI credentials were discovered in over 200,000 stealer logs. The findings also showed that most of the logs were found on Telegram channels, with VIP channels used for higher-value logs. "Based on evidence from the dark web forum Exploit.in, we rate it as highly likely that initial access brokers are using stealer logs as a principal source to gain an initial foothold to corporate environments that can then be auctioned off on top-tier dark web forums," said Flare researcher Eric Clay.
