The use of malware designed to harvest consumers digital data, known as password stealers, grew 60 per cent in the first half of 2019, affecting a large number of users in India, showed data from cybersecurity firm Kaspersky.
Most frequently, the malware has targeted users in India, Brazil, Germany, Russia and the US. The number of users, targeted by the stealers, peaked from less than 600,000 in the first half of 2018 to over 940,000 during the same period this year, showed the findings.
Password Stealing Ware (PSW) is a major weapon in the cybercriminals’ toolkit to sabotage users’ privacy. This malicious type of software grabs data directly from users’ web browsers using various methods.
Quite often, this information is sensitive and includes access details for online accounts as well as financial information – like saved passwords, autofill data and saved payment card details.
In addition, some families of this type of malware are designed to steal browser cookies, user files from a specific location (for example, a user’s desktop) as well as app files, such as messenger services.
“Modern consumers are increasingly active online and understandably rely on the Internet to carry out many tasks in their daily lives. This fills their digital profiles with more and more data and details and makes them a lucrative target for criminals as they could be monetized in numerous ways afterwards,” Alexander Eremin, security researcher at Kaspersky, said in a statement.
One of the most widely spread Stealer Trojans was multifunctional Azorult, detected on the computers of more than 25 per cent of all users who encountered Trojan-PSW type malware in the examined period.
The researchers cautioned users against sharing passwords or personal information with friends or family as they could unwittingly make them vulnerable to malware.
Users should also not post them on forums or social media channels. Always install updates and product patches to ensure protection from the latest malware and threats, Kaspersky recommended.