Over 36 mn AI, gaming credentials compromised by infostealers in 3 yrs: Report


New Delhi, Feb 29 (IANS): Investigating the dark web market for credential theft from popular AI and gaming websites, the researchers on Thursday said that more than 36 million credentials (logins and passwords) were compromised by infostealers in the past three years.

According to the cybersecurity company Kaspersky, 34,000,000 Roblox users’ credentials were compromised with malware and leaked on the dark web over the past three years. This figure rose by 231 per cent from roughly 4,700,000 in 2021 to 15,500,000 in 2023.

"The reason behind such high volumes of thefts of login credentials associated with Roblox is that children are among the most vulnerable audiences, as they are susceptible to various kinds of social engineering," said Yuliya Novikova, head of Kaspersky Digital Footprint Intelligence.

Credentials from various AI services -- image editing, translation, text tuning, chatbots, to voice generators -- are being compromised due to their growing popularity, the researchers noted.

Over the past three years, about 1,160,000 application users' credentials from AI-powered online graphic design tool Canva were compromised with data-stealing malware.

Another popular AI writing assistant, Grammarly, had around 839,000 user credentials stolen between 2021 and 2023, the report said.

"The credential compromises in question stem from infostealer activity, a specialised form of malware designed to steal user credentials for cyberattacks, dark web sales, or other malicious activities," Novikova said.

"Both personal and corporate devices can be infected by infostealers through phishing emails or websites, public-faced sites with malicious content, and various other means," she added.

 

  

Top Stories


Leave a Comment

Title: Over 36 mn AI, gaming credentials compromised by infostealers in 3 yrs: Report



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.