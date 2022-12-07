Cybercriminals are selling people’s entire digital identities for just a handful of loose change on bot markets, new research shows.

This is according to a new report from NordVPN (opens in new tab)some cybercriminals infect users with bot malware which then collects as much sensitive data as possible about the victim, including device screenshots, credentials stored in the browser, cookies, digital fingerprints (screen resolution, device information, browser preference, etc.), auto-fill forms and other information.

The data is then packaged and sold in bot markets, sometimes for as little as $6 per person. In addition, the purchaser is guaranteed that the data is valid and that it will be updated with new information as long as the target endpoint remains infected with malware.

Three markets, five infostealers

During its research, NordVPN analyzed three separate bot markets: the Genesis market, the Russian market, and 2Easy.

These were all active and accessible on the surface web at the time of analysis. The most popular types of malware and info stealers were RedLine, Vidar, Racoon, Taurus, and AZORult.

The researchers say these marketplaces are extremely dangerous because it is relatively easy to exploit the data being sold. Using cookies and passwords, adversaries can bypass security and gain a foothold in people’s social media and business accounts, and use the stolen identities to commit wire fraud, spread malware and ransomware, or simply resell the account for a higher price

“For example, a hacker can take control of a victim’s Steam account by changing the password. Steam accounts sell for up to $6,000 per account and can easily make money for a criminal,” said Marijus Briedis, CTO at NordVPN.

“Always use an antivirus to protect yourself. Other measures that could help include a password manager and file encryption tools to ensure that even if a criminal infects your device, there’s little to steal.”