+
 
For the best experience, open
m.thewire.in
on your mobile browser or Download our App.
You are reading an older article which was published on
Dec 09, 2022

600,000 Indians' Data Has Been Stolen, Sold on Bot Market: NordVPN

Researchers of NordVPN found 667 million cookies, 81,000 digital fingerprints, 538,000 auto-fill forms, numerous device screenshots, and webcam snaps in their study.
3D printed models of people working on computers and padlock are seen in front of a displayed
Support Free & Independent Journalism

Good morning, we need your help!

Since 2015, The Wire has fearlessly delivered independent journalism, holding truth to power.

Despite lawsuits and intimidation tactics, we persist with your support. Contribute as little as ₹ 200 a month and become a champion of free press in India.

Bengaluru: Around five million people globally have had their data stolen and sold on the bot market till date, of which 600,000 are from India, making it the worst affected country, according to one of the world’s largest VPN serice providers NordVPN.

Bot markets are used by hackers to sell stolen data from victims’ devices with bot malware.

The study by NordVPN, of Lithuania’s Nord Security, said the stolen data included user logins, cookies, digital fingerprints, screenshots and other information, with the average price for the digital identity of a person pegged at 490 Indian rupees($5.95).

NordVPN tracked data for the past four years, ever since bot markets were launched in 2018.

India has been dealing with cyber security concerns for a while. As recently as last month, multiple servers of the All India Institute of Medical Sciences (AIIMS), a federal government hospital that caters to ministers, politicians and the general public, were infected on Nov. 23, a senior police official told Reuters.

A week after the ransomware attack on AIIMS, the Indian Council of Medical Research (ICMR) faced around 6,000 hacking attempts within 24 hours on Nov. 30, Times of India reported.

Indian cybersecurity rules have tightened only earlier this year, with the Indian Computer Emergency Response Team (CERT) requiring tech companies to report data breaches within six hours of noticing such incidents and to maintain IT and communications logs for six months.

NordVPN’s study looked into three major bot markets – the Genesis market, the Russian Market, and 2Easy – and found stolen logins including those from Google, Microsoft and Facebook accounts.

“What makes bot markets different from other dark web markets is that they are able to get large amounts of data about one person in one place,” said Marijus Briedis, chief technology officer at NordVPN.

“And after the bot is sold, they guarantee the buyer that the victim’s information will be updated as long as their device is infected by the bot.”

Researchers of NordVPN found 667 million cookies, 81,000 digital fingerprints, 538,000 auto-fill forms, numerous device screenshots, and webcam snaps in their study.

(Reuters)

Make a contribution to Independent Journalism
facebook twitter