European credential theft industry booming as US market sees decline

- 39% increase in compromised credentials detected in Europe and Russia in 2018
- Europe-only credential theft success at 62% growth rate
- Europe and Russia home to half of credential theft victims worldwide (49%)
- LokiPWS malware family distribution increases over 300% since start of 2017

ID: 1537227
recent pressrelease next pressrelease

(businesspress24) - - 39% increase in compromised credentials detected in Europe and Russia in 2018
- Europe-only credential theft success at 62% growth rate
- Europe and Russia home to half of credential theft victims worldwide (49%)
- LokiPWS malware family distribution increases over 300% since start of 2017

Blueliv, a leading European enterprise-class cyberthreat intelligence company, today announced its new report on The Credential Theft Ecosystem. According to Blueliv''s credential detection data, since the start of 2018 there has been a 39% increase in the number of compromised credentials detected from Europe and Russia, compared to the same period in 2017 (January-May). In fact, Blueliv observations conclude that Europe and Russia are now home to half of the world''s credential theft victims (49%).

When Russian credential victims are removed from the dataset, this year-over-year comparison jumps to 62%. The Eurasian growth figures tracked by Blueliv are surprisingly higher than North America''s, which actually recorded a decline by almost half (48%) year over year. These startling increases in cybercriminal success rates suggest that the credential theft industry is growing in the European region both in innovation and scope.

Daniel Sol"All it takes is a single good credential for a threat actor gain access to an organization and cause havoc, so as a European threat intelligence company, we are concerned to see significant credential theft growth rates in our home territory. Our latest special report provides deep insight into the lifecycle of the compromised credential, offering valuable guidance to all levels, from CISOs seeking to protect their business to analysts looking for IOCs to shrink their attack surface. Cybercriminals are constantly improving their weaponry and TTPs - industry collaboration and intelligence-sharing around these is crucial."

Malware families neck-and-neck
The report also observes some interesting trends in malware families being used to harvest these credentials. Pony, KeyBase and LokiPWS (also known as Loki Bot) have consistently been the most active stealers since the start of 2017, but Pony has always been several lengths ahead of its malware counterparts in terms of popularity. However, since the start of 2018, Blueliv has observed that LokiPWS has been narrowing the gap: the highest number of stealer samples detected by Blueliv''s infrastructure each month has now become a two-horse race between LokiPWS and Pony.



In fact, LokiPWS malware distribution has increased by more than 300% in the past year. More recently, since January to May 2018, there has been a 167% increase in samples classified by Blueliv. Currently, it is possible to purchase LokiPWS from a variety of underground markets as a modular product (stealer, wallet stealer and loader) with prices ranging between (USD)200-400, depending on the desired functionality.

Daniel Sol"According to our analyst team, the number of LokiPWS samples detected implies that its popularity among cybercriminals is increasing. Source code leaks of different versions of in recent years have probably influenced this increase and helped it become one of the fastest-growing credentials stealer families. Pony meanwhile has been active since 2011, and might be experiencing ''fatigue'' through more successful detection and remediation."

The report covers in depth:
- Illicit tactics, techniques and procedures (TTPs) used by cybercriminals to gather credentials;
- Why credentials are targeted, how they''re used and their value in illegal marketplaces;
- Methods used to filter, extract and validate credentials;
- The ways criminals profit from credential theft and how various industries are affected.

This intelligence is part of an ongoing effort to share practical guidance, helping security teams of all sizes access relevant information, implement its value and improve their security posture. Socialising cybersecurity means encouraging parity and fighting cybercrime collaboratively and more effectively.

The Credential Theft Ecosystem report is available to download from the following link: https://www.blueliv.com/the-credential-theft-ecosystem/.



More information:
http://https://www.realwire.com/releases/Veea-Acquires-Virtuosys-to-Bolster-Edge-Computing-Platform https://hardimanperformance.com/ https://www.realwire.com/releases/Open-Source-and-Standards-Organizations-Collaborate https://www.realwire.com/releases/European-



Keywords (optional):

blueliv, cyberthreats, it-security, risk-management,



Company information / Profile:

PressRelease by

Requests:



PressContact / Agency:

Josh Hoppen, Communications specialist, Blueliv
+34 612 28 72 64
joshua.hoppen(at)blueliv.com



published by: RealWire
print pressrelease  send to a friend  

Date: 06/13/2018 - 06:52
Language: English
News-ID 1537227
Character count: 5749
Kontakt-Informationen:
Firma: RealWire
Ansprechpartner: Leah Wood Feedback to businesspress24.com about Pressrelease-id:
Stadt: Lincoln
Telefon: 01522883640

Meldungsart: bitte
Versandart: Veröffentlichung
Freigabedatum: 13/06/2018
Comments:



Number of hits: 200

Linking-Tips:



Direct Link to this PressRelease:






We would appreciate a link in your News-, Press- or Partner-Site.

Comments on this PressRelease






All members: 8 810
Register today: 0
Register yesterday: 0
Members online: 0
Guests online: 74


Don't have an account yet? You can create one. As registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Categories:


[ more PressReleases ][ RSS-Feed ]