Researchers Harvest, Analyze 100K Cybercrime Forum Credentials
Researchers found that many Dark Web forums have stronger password rules than most government and military entities.
Cybersecurity researchers running a sprawling information-stealer campaign collected credentials, autofill data, and system information that tied back to about 100,000 users with memberships to well-known cybercrime forums.
Besides gathering identity, location, and IP address data associated with various cybercrime forum members, the Hudson Rock research team also scraped passwords that had been saved as part of the autofill feature.
Hudson Rock has a tool that measures the strength of breached passwords and found cybercrime forums broadly maintain better password protection than many critical infrastructure networks. An analysis found the Dark Web forum with the strongest overall user passwords was Breached.to, while the weakest passwords were found on Russian-language forum Rf-cheats.ru.
"Overall, passwords from cybercrime forums are stronger than passwords used for Government websites," the report said, "and exhibit fewer 'very weak' passwords than industries like the military."
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024