Researchers have discovered a 1.2TB database of passwords, cookies, and files stolen from over 3 million computers by a Trojan horse. A new study by NordLocker, in collaboration with independent researchers, analyzed statistical data collected from 3.25 million Trojan-infected Windows computers worldwide. The newly discovered database contains 1.2TB of stolen information, including billions of personal details such as passwords, cookies and files, dating from 2018 to 2020. It is estimated that 26 million passwords are present on these 3 million computers.
Anonymous malware spread through email attachments and illegal software managed to steal nearly 26 million user credentials from nearly one million different websites. The most affected were social networking sites such as Facebook (1.5 million usernames stolen), Twitter (261,773) and Instagram (153,754), email providers, namely Google (1.5 million), Outlook (403,580) and Yahoo (224,961), and finally streaming sites such as Netflix (170,067), Twitch (106,690) and Spotify (61,349).
NordLocker analysts discovered more than 2 billion cookies among the staggering amount of stolen data, 22% of which were valid on the day of discovery. Most of the stolen cookies came from online shopping sites like AliExpress (4.8 million stolen cookies), online gaming platforms like Steam (2 million), file hosting and sharing services like MediaFire (3.2 million), social networking sites like Facebook (8 million), and finally video streaming services like YouTube (17.1 million).
3. Files Stolen
The malware stole more than 6.6 million files that victims saved on their desktops and in their download folder. Of these files, 50% were text files, over 16% were .png and .jpg image files, and about 10.5% of all stolen files were .doc, .docx and .pdf files.
4. The Database
The database analyzed included autocomplete and payment information from 49 applications. NordLocker’s research shows that the malware targeted applications, particularly web browsers, which were used to steal most of the data. The malware also took data from email applications, email service providers, as well as file sharing and video games. The virus stole 19.4 million user credentials (email or username and password) from Google Chrome, 3.3 million from Mozilla Firefox, and 2 million from Opera. Thousands of usernames were also stolen from major companies such as Torch, Brave, Vivadi, and Yandex.
HOW TO PROTECT YOURSELF
Install antivirus software. Despite some limitations in dealing with the latest types of malware, anti-virus software remains one of the most reliable tools for protecting your system.
- Learn to recognize phishing emails. Avoid downloading suspicious attachments or clicking on suspicious links in an email. Always check the sender and content before clicking on anything.
- Use a password manager to help you generate complex and unique passwords and keep them safe.
- Use multi-factor authentication if possible for extra protection.
- Only download software from trusted sources. Malicious software is often spread by illegal programs. So make sure you only use legal software purchased from official companies and websites.
- Encrypt sensitive files stored on your computer and in the cloud. There are easy-to-use file encryption tools that will turn your information into impenetrable code. Even the most experienced hackers will not be able to access it without your permission.