Tuesday, April 21, 2026

Have I Been Pwned adds 441K accounts stolen by RedLine malware


The Have I Been Pwned data breach notification service now lets you check whether your email and password are among 441,000 accounts stolen in an information-stealing campaign using RedLine malware.

RedLine is currently the most widely used information-stealing malware, distributed through phishing campaigns with malicious attachments, YouTube scams, and warez/crack sites.

Once installed, the RedLine malware will attempt to steal cookies, credentials, credit cards, and autocomplete information stored in browsers. It also steals credentials stored in VPN clients and FTP clients, steals cryptocurrency wallets, and can download additional software or execute commands on the infected system.

The stolen data is collected into an archive, called "logs," and uploaded to a remote server from where the attacker can later collect them.

Attackers use these logs to compromise other accounts or sell them on dark web criminal marketplaces for as little as $5 per log.

RedLine logs publicly exposed

Last weekend, security researcher Bob Diachenko found a server exposing over 6 million RedLine logs collected in August and September 2021. The threat actor likely used this server to store stolen data but failed to secure it properly.

Diachenko told BleepingComputer that while this data contains 6 million records, many had the same email address used for different services.

This week many LastPass users received emails warning that their master passwords may be compromised as they were used to log in from an unusual location.

Diachenko found that numerous LastPass credentials were stolen and stored in the exposed RedLine logs, and he checked a number of email addresses of LastPass users who received the warning emails to see if they were listed.

Diachenko told us that the server is still accessible but no longer appears to be used by the threat actors, as the number of logs has not increased.

To make it easier for others to check if a hacker stole their data in the exposed RedLine malware campaign, Diachenko shared the data with Troy Hunt, who added it to his Have I Been Pwned service.

The RedLine data contains 441,657 unique email addresses stolen by RedLine that can now be searched on Have I Been Pwned.

Have I Been Pwned detecting email in RedLine logs

Unfortunately, if your email address is listed in the RedLine malware logs, it is not enough to just change the passwords associated with that email account.

As RedLine targets all of your data, you must change your password for all accounts used on the machine, including corporate VPN and email accounts, and other personal accounts.

Furthermore, as RedLine attempts to steal cryptocurrency wallets, you should immediately transfer the tokens to another wallet if you own any.

Finally, if your email is listed as part of the RedLine data, you should scan your computer using antivirus software to detect and remove any installed malware.


