Infostealers have become a significant cybersecurity threat

IT Security Learning

Infostealers have become a significant cybersecurity threat, especially with the recent breaches like the Snowflake incident, which compromised around 165 businesses using stolen credentials. The rise in identity attacks is largely fueled by the ability of infostealers to harvest credentials in bulk, unlike phishing which typically targets fewer accounts. These stolen credentials are often sold in cybercrime marketplaces, with session cookies being especially valuable since they allow attackers to bypass multi-factor authentication (MFA).

Key trends in infostealers include:

A 266% increase in activity in 2023, showing their growing role in identity attacks.
Attackers favor session cookie theft, allowing them to hijack ongoing sessions without MFA.
Infostealers are distributed through phishing emails, drive-by attacks, and malvertising.
Common targets include browsers, where passwords, session cookies, and other autofill data are stolen.

Organizations are advised to deploy multi-factor authentication (MFA), session lifetime limits, and robust EDR solutions to mitigate the risks posed by infostealers. With the cybercrime ecosystem becoming more organized and lucrative, the threat of infostealers is expected to persist and evolve.

« Older Entries

Infostealers have become a significant cybersecurity threat

Latest Post:

AI and Machine Learning in Cybersecurity

SOAR to automate and coordinate security operations tasks and workflows

CIS Controls Framework Overview

Pin It on Pinterest