Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Over 5 Billion Unique Credentials Offered on Cybercrime Marketplaces

More than 15 billion username and password pairs have been offered on cybercrime marketplaces, including over 5 billion unique credentials, according to a report published on Wednesday by San Francisco-based risk protection solutions provider Digital Shadows.

More than 15 billion username and password pairs have been offered on cybercrime marketplaces, including over 5 billion unique credentials, according to a report published on Wednesday by San Francisco-based risk protection solutions provider Digital Shadows.

Over the past few years, Digital Shadows added to its breach repository more than 15 billion credentials shared on criminal forums, paste sites, file sharing services, and code sharing websites.

The company told SecurityWeek that most of these usernames and passwords have been offered for free and the total number does not include numbers claimed by sellers, which indicates that the actual amount of exposed credentials is even higher.

After eliminating duplicates, Digital Shadows identified more than 5 billion unique username and password combinations.

In terms of prices, the average cost of a single account sold on cybercrime marketplaces was $15.43. Unsurprisingly, the most expensive are banking and financial services accounts, with an average price of nearly $71, but Digital Shadows researchers have also seen accounts sold for over $500.

Antivirus accounts cost just over $20, while other types of accounts typically cost less than $10. This includes cable, social media, VPN, streaming, adult, education, music, file sharing, and video game accounts.

In the case of antivirus accounts, Alex Guirakhoo, threat research team lead at Digital Shadows, told SecurityWeek that they are mostly for consumer products.

“Much like with the popularity of streaming accounts for sale, it’s likely that many buyers are simply of the mindset that they do not want to pay for their own antivirus subscription,” he explained.

Advertisement. Scroll to continue reading.

Threat actors are also offering access to critical systems housed by organizations. Domain admin access has been offered for as much as $120,000, with an average price of just over $3,100. Pricing also depends on the targeted industry, with the local government and financial sectors having the highest prices.

Domain access prices per industry

The company also noticed that accounting-related usernames are highly sought after, particularly accounts that include strings such as “invoice.”

Digital Shadows has pointed out that account takeover attacks are easy to conduct, as well as cheap, with specialized tools being sold for an average of only $4.

Marketplaces such as Genesis Market also allow cybercriminals to rent account access as an alternative to purchasing credentials. Hackers can rent an identity for a certain period — this often costs less than $10 — and the service also provides the victim’s “fingerprint data” to make it easier to hijack accounts and perform transactions without getting detected. This fingerprint data includes the victim’s IPs, cookies and time zones.

The complete report from Digital Shadows is available for download in PDF format.

Related: Collection of South Korean, U.S. Payment Cards Emerges on Underground Market

Related: Data Stolen From 945 Websites Emerges on Dark Web

Related: Free ImmuniWeb Tool Allows Organizations to Check Dark Web Exposure

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.