Have I Been Pwned adds 441K accounts stolen by RedLine malware


The Have I Been Pwned data breach notification service now lets you check if your email and password are one of 441,000 accounts stolen in an information-stealing campaign using RedLine malware.
RedLine is currently the most widely used information-stealing malware, distributed through phishing campaigns with malicious attachments, YouTube scams, and warez/crack sites.
Once installed, the RedLine malware will attempt to steal cookies, credentials, credit cards, and autocomplete information stored in browsers. It also steals credentials stored in VPN clients and FTP clients, steals cryptocurrency wallets, and can download additional software or execute commands on the infected system.
The stolen data is collected into an archive, called “logs,” and uploaded to a remote server from where the attacker can later collect them.
Attackers use these logs to compromise other accounts or sell them on dark web criminal marketplaces for as little as $5 per log.
RedLine logs publicly exposed
Last weekend, security researcher Bob Diachenko found a server exposing over 6 million RedLine logs collected in August and September 2021. The threat actor likely used this server to store stolen data but failed to secure it properly.

Redline Stealer malware logs with more than 6M records were exposed online, publicly (now taken down). Internationally sourced data, exfiltrated in Sept and Aug 2021. RS is the key source of identity data sold on online criminal forums since its initial release in early 2020. pic.twitter.com/kv9MNL8hAE
— Bob Diachenko (@MayhemDayOne) December 25, 2021
Diachenko told BleepingComputer that while this data contains 6 million records, many had the same email address used for different services.
This week many LastPass users received emails warning that their master passwords may be compromised as they were used to log in from an unusual location.
Diachenko found that numerous LastPass credentials were stolen and stored in the exposed RedLine logs and checked various emails for LastPass users who received the emails to see if they were listed.

let’s try, pls dm your email
— Bob Diachenko (@MayhemDayOne) December 28, 2021
Diachenko told us that the server is still accessible but no longer appears to be used by the threat actors as the number of logs has not increased.
To make it easier for others to check if a hacker stole their data in the exposed RedLine malware campaign, Diachenko shared the data with Troy Hunt, who added it to his Have I Been Pwned service.
The RedLine data contains 441,657 unique email addresses stolen by RedLine that can now be searched on Have I Been Pwned.

Have I Been Pwned detecting email in RedLine logs
Unfortunately, if your email address is listed in the RedLine malware logs, it is not enough to just change the passwords associated with that email account.
As RedLine targets all of your data, you must change your password for all accounts used on the machine, including corporate VPN and email accounts, and other personal accounts.
Furthermore, as RedLine attempts to steal cryptocurrency wallets, you should immediately transfer the tokens to another wallet if you own any.
Finally, if your email is listed as part of the RedLine records, you should scan your computer using antivirus software to detect and remove any installed malware.


