Kaspersky, a cybersecurity company, has reported a significant increase in data-stealing malware infections spreading worldwide, including Nigeria.
Their findings show a near sevenfold increase since 2020, with nearly 10 million devices compromised in 2023 alone and Nigeria recording close to a million.
In light of this, Kaspersky has released a dedicated webpage for users to check their company’s security as well as password compromise and data breach.
Kasperky: How cybercriminals use data-stealing malware
Using insights from Kaspersky Digital Footprint Intelligence, Kaspersky estimates that cybercriminals steal an average of 50.9 credentials per infected device. This data is gotten from infostealer malware log files which can then be used for fraudulent purposes or sold on the dark web.
The report highlights the most compromised domains as .com, .br (Brazil), .in (India), .co (Colombia), and .vn (Vietnam). However, the data also indicates a significant number of compromised accounts in Nigeria, with the .ng domain reaching over 920,000 infections in 2023.
“The .com domain leads in compromised accounts with nearly 326 million logins and passwords for websites on this domain were compromised by infostealers in 2023. It is followed by domain zones associated with Brazil (.br, 28,8 million), India (.in, 8,2 million), Colombia (.co), and Vietnam (.vn). In the .za domain, associated with South Africa, compromised accounts reached 1,070,000 in 2023, followed by .ke (Kenya – 970 000) and .ng (Nigeria – 920 000),” the report revealed.
Authors of the report further stated that “about 10,000,000 personal and corporate devices were compromised with data-stealing malware in 2023, amounting to a 643% increase over the past three years, Kaspersky Digital Footprint Intelligence data shows. The data on infected devices stems from the dynamics of infostealer malware log-files actively traded in the underground markets and monitored by Kaspersky to help companies ensure the security of their clients and employees.”
While the number of infections reduced by 9% in 2023 compared to 2022, experts warn this doesn’t represent a decline in cybercriminal activity. “It is possible that some credentials compromised in 2023 could be leaked to the dark web at some point during the current year. Therefore, the actual number of infections is likely to be even higher than 10 million. According to Kaspersky’s assessment of infostealer log-file dynamics, the number of infections that occurred in 2023 is projected to reach roughly 16,000,000.”
Sergey Shcherbel, expert at Kaspersky Digital Footprint Intelligence said, “The dark-web value of log files with login credentials varies depending on the data’s appeal and the way it’s sold there. Credentials may be sold through a subscription service with regular uploads, a so called “aggregator” for specific requests, or via a “shop” selling recently acquired login credentials exclusively to selected buyers. Prices typically begin at $10 per log file in these shops. This highlights how crucial it is both for individuals and companies – especially those handling large online user communities – to stay alert. Leaked credentials carry a major threat, enabling cybercriminals to execute various attacks such as unauthorised access for theft, social engineering, or impersonation.”
In response to this, the cybersecurity company, Kaspersky, recommends using comprehensive security software to protect against data-stealing malware. They also advise companies to proactively monitor leaks and encourage users to change compromised passwords.