61 percent of breaches involve infostealer malware

A rise in identity-based attacks can be laid at the door of a rapid increase in malware, according to a new report. Analysis by SpyCloud finds that 61 percent of data breaches in 2023, involving over 343 million stolen credentials, were infostealer malware-related.

Researchers also report that the average identity had a one in five chance of already being the victim of an infostealer infection. Infostealer malware enables criminals to collect vast amounts of information about the user and the device, including a user's session cookies, API keys and webhooks, crypto wallet addresses, and more.

Stolen authentication data enables cybercriminals to bypass protections including MFA and even passkeys to hijack their victim's identity and take over digital sessions.

"Cheap and easy-to-use infostealers combined with the ubiquity of stolen data online can make cyber defense seem like an impossible task," says Trevor Hilligoss, VP of SpyCloud Labs, SpyCloud’s research team responsible for recapturing data and analyzing patterns from the criminal underground. "Protecting digital identities and beating cybercriminals at their own game requires a multi-layered approach. It starts with quickly identifying exposed identities and immediately moves to post-infection remediation -- invalidating compromised authentication data for all applications exposed by the infection. It's a sure-fire way to prevent future cyberattacks resulting from the stolen information."

SpyCloud's researchers also recaptured nearly 200 different types of PII in 2023, ranging from full names (3.16 billion) and phone numbers (2.14 billion) to dates of birth (920.25 million), social security and national ID numbers (171.61 million), and credit card numbers (36.97 million).

Mobile malware is becoming an attractive attack vector for criminals too. Between August and December 2023, SpyCloud recaptured 10.58 million mobile records exfiltrated by malware.

Poor password practice is also an issue, of nearly 1.38 billion recaptured passwords circulating the darknet in 2023 the report finds a 74 percent password reuse rate for users exposed in two or more breaches in the last year. Researchers found 723 breaches containing .gov emails in 2023, up from 695 in 2022 and 611 in 2021. The recaptured records contained over 281,000 .gov credentials.

You can find out more on the SpyCloud Labs site.

Image credit: photonphoto/depositphotos.com