Nearly 2 Million Users Targeted by Password-Stealing Malware in 2019

Yesterday, January 28, marked International Data Privacy Day, an annual event celebrated for over a decade. In honor of this occasion, Kaspersky Lab analyzed some of the most pressing cyber threats that put users’ personal information at risk.

According to the company’s statistics, the number of users worldwide attacked by password-stealing malware increased significantly in 2019—by 72%. In total, Kaspersky Lab’s products blocked such attacks on the devices of nearly 2 million users.

Password-stealing malware is capable of extracting information directly from browsers. This can include usernames and passwords for various accounts, saved payment card data, and the contents of autofill forms.

Additionally, 2019 saw a significant rise in phishing attacks, during which cybercriminals typically attempt to obtain users’ personal and payment information. During this period, Kaspersky Lab’s solutions prevented an average of 38 million attempts per month to redirect users to fraudulent websites. Phishers closely monitor current events and exploit public interest in major happenings and celebrities, creating official-looking lures to trick people into clicking malicious links or submitting personal data.

“The amount of data generated by users is constantly growing, as is its value to cybercriminals, who, among other things, sell stolen personal information on closed forums. Various methods are used to gain access to assets, including password-stealing malware and phishing. If you discover that your data from any service has been leaked online, you should immediately change your account password. There are also basic rules that, if followed, help reduce the risks of potential leaks and malicious use of data,” commented Tatyana Sidorina, Senior Content Analyst at Kaspersky Lab.