In a recent study of their data, Nord VPN has discovered that because of unsafe practices while browsing the internet, about 6,00,000 Indian users have had their private data stolen by phishing groups. Moreover, the study also discovered that most of this data is available on a corner of the internet for as little as Rs 490.

It means that India, which is still waiting for a data protection bill to become law, is the most severely impacted country in the world, accounting for 12% of all data on bot markets, which are online marketplaces used by cybercriminals to sell data they have stolen.

Notably, these markets differ from other dark web markets in that they can obtain large amounts of data about a single person in a single location. After selling the bot, they guarantee the buyer that the victim’s information will be updated for as long as the bot infects the device.

The study by NordVPN of Lithuania’s Nord Security has revealed that the stolen information included user logins, cookies, digital fingerprints, screenshots, and other details. Researchers have been tracking the data since the start of the bot markets in 2018.

It was said that on the examined markets, at least 26.6 million stolen logins had been discovered, including 720,000 for Google, 654,000 for Microsoft, and 647,000 for Facebook.

Researchers also discovered 667 million cookies, 81 thousand digital fingerprints, 538 thousand auto-fill forms, many screenshots from various devices, and webcam pictures.

Stolen data were found after examining three major bot markets: the Genesis market, the Russian Market, and 2Easy.

It is understood that while bot markets are becoming more popular, cybercriminals continue using common malware like RedLine, Vidar, Racoon, Taurus, and AZORult to steal data.

India has been dealing with cyber security concerns for a while. As recently as last month, multiple All India Institute of Medical Sciences (AIIMS) servers were infected on November 23.

A week after the ransomware attack on AIIMS, the Indian Council of Medical Research, or ICMR, faced around 6,000 hacking attempts within 24 hours on November 30.

Indian cybersecurity rules have tightened only earlier this year, with the Indian Computer Emergency Response Team or CERT-In, requiring tech companies to report data breaches within six hours of noticing such incidents and to maintain IT and communications logs for six months.

“What makes bot markets different from other dark web markets is that they can get large amounts of data about one person in one place,” said Marijus Briedis, chief technology officer at NordVPN.

“And after the bot is sold, they guarantee the buyer that the victim’s information will be updated as long as the bot infects their device.”

Researchers of NordVPN found 667 million cookies, 81,000 digital fingerprints, 538,000 auto-fill forms, numerous device screenshots, and webcam snaps in their study.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

error: Unauthorized Content Copy Is Not Allowed
Scroll to Top
%d bloggers like this: