New Trojan malware steals millions of login credentials

News
By
published

Malware and Wi-Fi threats are on the rise

Trojan
(Image credit: Iaremenko Sergii / Shutterstock)

Cybersecurity researchers have revealed a new custom Trojan-type malware that managed to infiltrate over three million Windows computers and steal nearly 26 million login credentials for about a million websites.

The findings from Nord Security classifies the websites into a dozen categories, which include virtually all popular email services, social media platforms, file storage and sharing services, ecommerce platforms, financial platforms, and more. 

In all, the unnamed malware managed to siphon away 1.2 terabytes of personal data including over a million unique email addresses, over two billion cookies, and more than six million other files.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.

>> Click here to start the survey in a new window <<

“For every malware that gets worldwide recognition and coverage, there are thousands of custom viruses made specifically for the buyer's needs. These are nameless pieces of malicious code that are compiled and sold on forums and private chats for as little as $100,” explains Nord Security.

Public Wi-Fi menace

The research found that this malware also made away with over six million files the victims had on their desktops and in Downloads folders. It also took a screenshot of the infected machine, and even tried snapping a picture of the victim using the device’s webcam.

Worryingly, Nord Security adds that while the amount of stolen data is shocking, unnamed, custom malware aren’t the only threat to a user’s data. 

It goes on to share that one in four Wi-Fi networks has no encryption or password protection of any kind, making vast amounts of user data vulnerable to theft.

“Antimalware software like antiviruses doesn’t fully protect our devices. Public Wi-Fi poses as much danger to our logins as malware does. In many cases, public Wi-Fi can have poorly configured firewalls that let hackers monitor your Wi-Fi connection,” said Daniel Markuson, digital security expert at NordVPN, Nord Security’s VPN service.

TOPICS
Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
Cartoon Phishing
Over a billion credentials stolen were stolen in malware attacks in 2024
NordVPN
US hit with over 1.9 billion malware threats last year - here's how to stay safe
An American flag flying outside the US Capitol building against a blue sky
US military and defense contractors hit with Infostealer malware
Data leak
AWS customers hit by major cyberattack which then stored stolen credentials in plain sight
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
Thousands of WordPress websites hit in new malware attack, here's what we know
Hands typing on a keyboard surrounded by security icons
Infostealers on the rise: the latest concern for organizational defenses
Latest in Security
Webex by Cisco banner on a Chromebook
Cisco warns some Webex users of worrying security flaw, so patch now
Red padlock open on electric circuits network dark red background
AI-powered cyber threats are becoming the biggest worry for businesses everywhere
Woman using iMessage on iPhone
Apple to take legal action against British Government over backdoor request
Red padlock open on electric circuits network dark red background
Aviaton firms hit by devious new polyglot malware
A laptop with a red screen with a white skull on it with the message: &quot;RANSOMWARE. All your files are encrypted.&quot;
Major ransomware attack sees Tata Technologies hit - 1.4TB dataset with over 730,000 files allegedly stolen
Image of laptop infected with malware
Ransomware criminals are now sending their demands...by snail mail?
Latest in News
A hand holding a phone showing the Android Find My Device network
Android 's Find My Device can now let you track your friends – and I can't decide if that's cool or creepy
Insta360 X4 360 degree camera without lens protector
Leaked DJI Osmo 360 image suggests GoPro and Insta360 should be worried – here's why
A YouTube Premium promo on a laptop screen
A cheaper YouTube Premium Lite plan just rolled out in the US – but you’ll miss out on these 4 features
Viaim RecDot AI true wireless earbuds
These AI-powered earbuds can also act as a dictaphone with transcription when left in their case
The socket interface of the Intel Core Ultra processor
Intel unveils its most powerful AI PCs yet - new Intel Core Ultra Series 2 processors pack in vPro for lightweight laptops and high-performance workstations alike
An Nvidia GeForce RTX 5070
Nvidia confirms that an RTX 5070 Founders Edition is coming... just not on launch day
More about security
Webex by Cisco banner on a Chromebook

Cisco warns some Webex users of worrying security flaw, so patch now
Image of laptop infected with malware

Ransomware criminals are now sending their demands...by snail mail?
Samsung S95D listing image

Samsung reportedly sold more OLED TVs than mini-LED in 2024, suggesting that if the price is matched, people have a favorite
See more latest
Most Popular
A hand holding a phone showing the Android Find My Device network
Android 's Find My Device can now let you track your friends – and I can't decide if that's cool or creepy
Webex by Cisco banner on a Chromebook
Cisco warns some Webex users of worrying security flaw, so patch now
A YouTube Premium promo on a laptop screen
A cheaper YouTube Premium Lite plan just rolled out in the US – but you’ll miss out on these 4 features
Viaim RecDot AI true wireless earbuds
These AI-powered earbuds can also act as a dictaphone with transcription when left in their case
Insta360 X4 360 degree camera without lens protector
Leaked DJI Osmo 360 image suggests GoPro and Insta360 should be worried – here's why
The socket interface of the Intel Core Ultra processor
Intel unveils its most powerful AI PCs yet - new Intel Core Ultra Series 2 processors pack in vPro for lightweight laptops and high-performance workstations alike
Image of laptop infected with malware
Ransomware criminals are now sending their demands...by snail mail?
Red padlock open on electric circuits network dark red background
AI-powered cyber threats are becoming the biggest worry for businesses everywhere
Red padlock open on electric circuits network dark red background
Aviaton firms hit by devious new polyglot malware
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Thursday, March 6 (game #368)