Over 50 million passwords amassed by Russian hackers

More than 50 million passwords have been exfiltrated by 34 Russian hacking groups through information-stealing malware, including Racoon and RedLine, during the first seven months of 2022, The Hacker News reports. Such malware distributed using a stealer-as-a-service model has also been used to steal 2.11 billion cookie files, 113,204 crypto wallets, and 103,150 payment cards, with the total haul estimated to have a market value of nearly $5.8 million, according to a Group-IB report. Over 890,000 devices across 111 countries have been compromised between January and July, most of which were in the U.S. Brazil, India, Germany, and Indonesia rounded up the top five countries impacted by the stealers. The report also revealed that several groups involved in info-stealer deployment have been involved in the Classiscam operation, and have mainly engaged in Racoon and RedLine distribution. "The popularity of schemes involving stealers can be explained by the low entry barrier. Beginners do not need to have advanced technical knowledge as the process is fully automated and the worker's only task is to create a file with a stealer in the Telegram bot and drive traffic to it," said Group-IB.