Tuesday, February 11, 2025
HomeDark Web24.6 Billion Pairs of Credentials For Sale on The Dark Web

24.6 Billion Pairs of Credentials For Sale on The Dark Web

Published on

SIEM as a Service

Follow Us on Google News

As of this year, there are over 24.6 billion credential pairs are available or actively getting circulated on the dark marketplaces or dark web. However, it indicates that cybercrime has become a profitable business, one that has become extremely widespread.

At this point, it seems that one of the most hyped internet security categories is passwordless technology. Despite those initiatives, the reality is that passwords still remain firmly entrenched in the minds of many users.

As compared to the figures for the year 2020, the figures for last year showed an increase of 64%. In comparison to the two years prior to 2020, this represents a significant slowdown.

Limitless compromised data

The number of credentials for sale flew up by over 300 percent in the year between 2018 and the year the pandemic started. 

It is estimated that 6.7 billion of the 24.6 billion credentials are unique, which represents that over the past two years there is an increase of 1.7 billion. The figure equates to a 34 percent increase over where we were in 2020.

Cybersecurity analysts at Digital Shadows have claimed that almost 75% of the passwords, that’s the majority of passwords, available online for sale are purely common and easy to guess; in short, there is no uniqueness.

It is very easy for a cybercriminal to choose a compromised credential and attempt to use it since they have a limitless list of hacked credentials.

Here the primary culprit is the “Weak Password,” in short, an attacker can easily guess the passwords with the help of automated tools and compromise multiple accounts at a time.

The 123456 password appears in almost every 200 passwords offered by criminals, which is why many of those credentials have been stolen and compromised.

Weak Spots Enabling The ATO Attacker

Here below we have mentioned all the weak spots that are enabling the Account Takeover (ATO) attacker:-

  • Ever-Expanding Digital Footprint
  • Authentication Blind Spot
  • Too Late Attempts At Account Protection

Lifecycle of an ATO Attack

Taking part in an ATO is much like engaging in any kind of cyberattack: It begins with a mistake or a misconfiguration that enables the threat actors to take full advantage of the situation.

It continues to be difficult to detect until it is too late, but it is eventually caught. In a typical lifecycle, ATO can thrive in many scenarios, but the four main stages are parts of a typical lifecycle. And here below we have listed them all:-

  • Identification
  • Acquisition
  • Verification
  • Exploitation

Among the companies that have already agreed to implement FIDO-based authentication are Apple, Google, as well as Microsoft.

The problem of stolen and manipulated credentials used for ATO remains a growing problem, and organizations cannot afford to ignore it.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

SHA256 Hash Calculation from Data Chunks

The SHA256 algorithm, a cryptographic hash function, is widely used for securing data integrity...

New Report of of 1M+ Malware Samples Show Application Layer Abused for Stealthy C2

A recent analysis of over one million malware samples by Picus Security has revealed...

Seven-Year-Old Linux Kernel Bug Opens Door to Remote Code Execution

Researchers have uncovered a critical vulnerability in the Linux kernel, dating back seven years,...

Ransomware Payments Plunge 35% as More Victims Refuse to Pay

In a significant shift within the ransomware landscape, global ransom payments plummeted by 35%...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Massive Hacking Forum Network Dismantled by Authorities, Impacting 10M Users

Authorities have delivered a major blow to the cybercrime world by dismantling two of...

A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems

A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which...

New Research Uncovered Dark Internet Service Providers Used For Hacking

Bulletproof hosting services, a type of dark internet service provider, offer infrastructure to cybercriminals,...